EUVD-2024-29019

Malicious code in bioql PyPI...

CVE-2024-31108

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iFlyChat Team iFlyChat – WordPress Chat iflychat allows Stored XSS.This issue affects iFlyChat – WordPress Chat: from n/a through 4.7.2...

iFlyChat – WordPress Chat <= 4.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The iFlyChat – WordPress Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 4.7.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and...

CVE-2024-31108

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iFlyChat Team iFlyChat – WordPress Chat iflychat allows Stored XSS.This issue affects iFlyChat – WordPress Chat: from n/a through 4.7.2...

CVE-2024-31108 WordPress iFlyChat plugin <= 4.7.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iFlyChat Team iFlyChat – WordPress Chat iflychat allows Stored XSS.This issue affects iFlyChat – WordPress Chat: from n/a through 4.7.2...

CVE-2024-31108 WordPress iFlyChat plugin <= 4.7.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iFlyChat Team iFlyChat – WordPress Chat iflychat allows Stored XSS.This issue affects iFlyChat – WordPress Chat: from n/a through 4.7.2...

WordPress iFlyChat – WordPress Chat Plugin <= 4.7.2 is vulnerable to Cross Site Scripting (XSS)

Software iFlyChat – WordPress Chat Type Plugin Vulnerable versions = 4.7.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31108 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d092a7fe63ad Credits LVT-tholv2k Required privilege...

CVE-2021-24343

The iFlyChat WordPress plugin before 4.7.0 does not sanitise its APP ID setting before outputting it back in the page, leading to an authenticated Stored Cross-Site Scripting issue...

CVE-2021-24343

Vulnerability summary (CVE-2021-24343) : The WordPress iFlyChat – WordPress Chat plugin (versions ≤ 4.6.4) is affected by an authenticated stored XSS due to the plugin outputting the APP ID setting without sanitization. Root cause: lack of proper sanitization of APP ID before page output. Impact:...

CVE-2021-24343 iFlyChat – WordPress Chat < 4.7.0 - Admin+ Stored Cross-Site Scripting (XSS)

The iFlyChat WordPress plugin before 4.7.0 does not sanitise its APP ID setting before outputting it back in the page, leading to an authenticated Stored Cross-Site Scripting issue...

WordPress 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in iFlyChat -...

WordPress iFlyChat – WordPress Chat plugin <= 4.6.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Kishore Hariram in WordPress iFlyChat – WordPress Chat plugin versions = 4.6.4. Solution Update the WordPress iFlyChat – WordPress Chat plugin to the latest available version at least 4.7.0...

iFlyChat – WordPress Chat <= 4.6.4 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin does not sanitise its APP ID setting before outputting it back in the page, leading to an authenticated Stored Cross-Site Scripting issue Step1: Install and activate the plugin "iFlyChat – WordPress Chat-4.6.4" Step2: Enter the following payload in the "APP ID" field of the plugin...

iFlyChat – WordPress Chat <= 4.6.4 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin does not sanitise its APP ID setting before outputting it back in the page, leading to an authenticated Stored Cross-Site Scripting issue PoC Step1: Install and activate the plugin "iFlyChat – WordPress Chat-4.6.4" Step2: Enter the following payload in the "APP ID" field of the plugin...