Lucene search
+L

6 matches found

NVD
NVD
added 12 hours ago5 views

CVE-2026-15759

The ChatHelp – Click to Chat Button, WooCommerce Chat to Order & Floating Chat Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'number' and 'group' Shortcode Attributes in all versions up to, and including, 3.5.1 due to insufficient input sanitization and output escapin...

6.4CVSS
Exploits0References7
EUVD
EUVD
added 14 hours ago6 views

EUVD-2026-45135

The ChatHelp – Click to Chat Button, WooCommerce Chat to Order & Floating Chat Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'number' and 'group' Shortcode Attributes in all versions up to, and including, 3.5.1 due to insufficient input sanitization and output escapin...

6.4CVSS6.2AI score
Exploits0References7
CVE
CVE
added 14 hours ago9 views

CVE-2026-15759

Summary: CVE-2026-15759 affects the WordPress plugin “ChatHelp – Click to Chat Button, WooCommerce Chat to Order & Floating Chat Form.” The vulnerability is a Stored Cross-Site Scripting (XSS) via the 'number' and 'group' Shortcode Attributes in all versions up to and including 3.5.1 due to insuf...

6.4CVSS6.2AI score
Exploits0References7
Patchstack
Patchstack
added 2026/04/07 10:55 p.m.8 views

WordPress LightPress Lightbox plugin <= 2.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'group' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'group' Shortcode Attribute vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WP jQuery Lightbox versions = 2.3.4...

6.4CVSS5.9AI score0.00264EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/10/24 1:15 p.m.5 views

CVE-2024-10180

The Contact Form 7 – Repeatable Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's fieldgroup shortcode in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

5.4CVSS5.9AI score0.00304EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/10/24 6:36 a.m.7 views

WordPress Contact Form 7 - Repeatable Fields plugin <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via field_group Shortcode vulnerability

WordPress Contact Form 7 - Repeatable Fields plugin = 2.0.1 - Authenticated Contributor+ Stored Cross-Site Scripting via fieldgroup Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin Contact Form 7 - Repeatable Fields versions = 2.0.1...

6.4CVSS5.8AI score0.00304EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder