3 matches found
CVE-2024-4664 WP Chat App < 3.6.5 - Admin+ Stored XSS
The WP Chat App WordPress plugin before 3.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admins to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2024-4664 WP Chat App < 3.6.5 - Admin+ Stored XSS
The WP Chat App WordPress plugin before 3.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admins to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
WordPress WP Chat App Plugin < 3.6.5 is vulnerable to Cross Site Scripting (XSS)
Software WP Chat App Type Plugin Vulnerable versions 3.6.5 Fixed in 3.6.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4664 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID d88d11629e30 Credits Krugov Artyom Required privile...