6 matches found
CVE-2024-2957
Rejected reason: DUPLICATE Please use CVE-2024-1983 instead...
WordPress Simple Ajax Chat Plugin < 20240223 is vulnerable to Cross Site Scripting (XSS)
Software Simple Ajax Chat Type Plugin Vulnerable versions 20240223 Fixed in 20240223 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1983 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 67c9eb2499f7 Credits fourcade...
CVE-2024-1983
The Simple Ajax Chat WordPress plugin before 20240223 does not prevent visitors from using malicious Names when using the chat, which will be reflected unsanitized to other users...
CVE-2024-1983
CVE-2024-1983 affects the WordPress plugin Simple Ajax Chat (formerly Simple Ajax Chat – Add a Fast, Secure Chat Box). The Red Hat/NVD description (and related sources) state the issue is that the plugin does not prevent visitors from using malicious Names in chat, which are reflected unsanitized...
CVE-2024-1983 Simple Ajax Chat < 20240223 - Unauthenticated Stored XSS
The Simple Ajax Chat WordPress plugin before 20240223 does not prevent visitors from using malicious Names when using the chat, which will be reflected unsanitized to other users...
CVE-2024-1983 Simple Ajax Chat < 20240223 - Unauthenticated Stored XSS
The Simple Ajax Chat WordPress plugin before 20240223 does not prevent visitors from using malicious Names when using the chat, which will be reflected unsanitized to other users...