CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2025/11/11 3:30 a.m.•10 views

CVE-2025-11829

CVE-2025-11829 relates to the Five9 Live Chat plugin for WordPress. The WordPress plugin versions through 1.1.2 are vulnerable to Stored Cross-Site Scripting via the toolbar attribute in the [five9-chat] shortcode, due to insufficient input sanitization and output escaping. The Wordfence report (...

6.4CVSS4.8AI score0.00032EPSS

Vulnrichment•added 2025/11/11 3:30 a.m.•1 views

CVE-2025-11829 Five9 Live Chat <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS4.7AI score0.00032EPSS

Cvelist•added 2025/11/11 3:30 a.m.•3 views

CVE-2025-11829 Five9 Live Chat <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS0.00032EPSS

Patchstack•added 2025/11/11 1:10 a.m.•4 views

WordPress Five9 Live Chat plugin <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Five9 Live Chat versions = 1.1.2...

6.4CVSS5.6AI score0.00032EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2025/11/11 12:0 a.m.•2 views

PT-2025-46254

Name of the Vulnerable Software and Affected Versions Five9 Live Chat plugin for WordPress versions through 1.1.2 Description The Five9 Live Chat plugin for WordPress is susceptible to Stored Cross-Site Scripting through the toolbar attribute within the five9-chat shortcode. This occurs because o...

6.4CVSS5.5AI score0.00032EPSS

Exploits0References4

CNNVD•added 2025/11/11 12:0 a.m.•0 views

WordPress plugin Five9 Live Chat 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.8AI score0.00032EPSS

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-7385

Malware in sbrugna...

7.5CVSS7.6AI score0.00667EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2018-7386

Malware in sbrugna...

9.8CVSS9.5AI score0.00482EPSS

Exploits1References2

NVD•added 2019/03/21 4:0 p.m.•8 views

CVE-2018-15508

Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control allowing a remote attackers to cause a denial of service via opening a connection on port 8083 to a device running the Five9 SoftPhoneissue 1 of 2...

7.5CVSS7.5AI score0.00667EPSS

OSV•added 2019/03/21 4:0 p.m.•1 views

CVE-2018-15508

7.5CVSS5.8AI score

Exploits0References1

Prion•added 2019/03/21 4:0 p.m.•18 views

Design/Logic Flaw

5CVSS7.5AI score0.00667EPSS

CNVD•added 2019/03/20 12:0 a.m.•1 views

Five9 Agent Desktop Plus Access Control Error Vulnerability

Five9 Agent Desktop Plus is a suite of cloud-based contact center software from Five9 USA. An access control error vulnerability exists in Five9 Agent Desktop Plus version 10.0.70. A remote attacker could exploit the vulnerability to execute code...

9.8CVSS7.1AI score0.00482EPSS

NVD•added 2019/03/18 1:32 a.m.•6 views

CVE-2018-15509

Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control issue 2 of 2...

9.8CVSS9.6AI score0.00482EPSS

OSV•added 2019/03/18 1:32 a.m.•0 views

CVE-2018-15509

Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control issue 2 of 2...

9.8CVSS5.8AI score0.00482EPSS

Prion•added 2019/03/18 1:32 a.m.•13 views

Improper access control

Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control issue 2 of 2...

7.5CVSS9.4AI score0.00482EPSS

CVE•added 2019/03/15 10:0 p.m.•34 views

CVE-2018-15509

Five9 Agent Desktop Plus 10.0.70 is affected by an Incorrect Access Control vulnerability (CVE-2018-15509). Multiple connected records (CNVD-2019-07887) describe an access control error in Five9 Agent Desktop Plus, with CNVD noting a remote attacker could execute code. NVD data corroborates the C...

9.8CVSS9.4AI score0.00482EPSS

CVE•added 2019/03/15 10:0 p.m.•50 views

CVE-2018-15508

Summary: CVE-2018-15508 affects Five9 Agent Desktop Plus 10.0.70, where an incorrect access control allows a remote attacker to cause a denial of service by opening a connection on port 8083 to a device running the Five9 SoftPhone. The NVD entry documents the issue with a network-based vector and...

7.5CVSS7.4AI score0.00667EPSS