3 matches found
CVE-2024-12541
creationtimestamp| type| source ---|---|--- 2025-01-07 03:36:53+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/289 2025-01-07 04:13:15+00:00| seen| https://infosec.exchange/users/cve/statuses/113785123309410684 2025-01-07 04:15:54+00:00| seen|...
CVE-2024-12541 Chative Live chat and Chatbot <= 1.1 - Cross-Site Request Forgery via add_chative_widget_action Function
The Chative Live chat and Chatbot plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the addchativewidgetaction function. This makes it possible for unauthenticated attackers to change...
CVE-2024-12541
CVE-2024-12541 affects the Chative Live chat and Chatbot WordPress plugin up to version 1.1. The issue is Cross-Site Request Forgery due to missing or incorrect nonce validation in add_chative_widget_action(), enabling unauthenticated attackers to forge requests that change the channel ID or orga...