CVE-2019-18662

An issue was discovered in YouPHPTube through 7.7. User input passed through the livestreamcode POST parameter to /plugin/LiveChat/getChat.json.php is not properly sanitized in getFromChat in plugin/LiveChat/Objects/LiveChatObj.php before being used to construct a SQL query. This can be exploited...

EUVD-2019-8379

Malware in sbrugna...

EUVD-2021-30290

Malicious code in bioql PyPI...

EUVD-2023-58026

Malicious code in bioql PyPI...

WordPress plugin Chatwee 跨站请求伪造漏洞

WordPress Chatwee plugin is a plugin for adding live chat functionality to your WordPress website with multi-language and internationalization support. The WordPress Chatwee plugin suffers from a cross-site request forgery vulnerability that stems from the WEB application not adequately verifying...

WordPress plugin WP Live Chat + Chatbots Plugin for WordPress – Chaport 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... WordPress plugin WP Live...

CVE-2024-12541

The Chative Live chat and Chatbot plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the addchativewidgetaction function. This makes it possible for unauthenticated attackers to change...

CVE-2014-10386

The wp-live-chat-support plugin before 4.1.0 for WordPress has JavaScript injections...

WordPress plugin Zalo Official Live Chat 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVE-2025-31383 WordPress FrescoChat Live Chat plugin <= 3.2.6 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in FrescoChat Live Chat allows Stored XSS. This issue affects FrescoChat Live Chat: from n/a through 3.2.6...

CVE-2023-5740

The Live Chat with Facebook Messenger plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'messenger' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

WordPress plugin Live Chat by Formilla 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

CVE-2023-23734

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in David Voswinkel Userlike – WordPress Live Chat plugin = 2.2 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in David Voswinkel Userlike – WordPress Live Chat plugin = 2.2 versions...

CVE-2023-23734

The CVE-2023-23734 issue affects the WordPress plugin Userlike – WordPress Live Chat (David Voswinkel) versions ≤ 2.2. It is an authenticated Stored XSS vulnerability (admin+), caused by insufficient sanitization/escaping of settings, enabling an administrator to inject scripts executed by other ...

CVE-2023-0899

The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before outputting it back in the Shoutbox, leading to Stored Cross-Site Scripting which could be used against high privilege users such as admins...

WordPress plugin Free Live Chat Support 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Free Live Chat Support...

Sql injection

An issue was discovered in YouPHPTube through 7.7. User input passed through the livestreamcode POST parameter to /plugin/LiveChat/getChat.json.php is not properly sanitized in getFromChat in plugin/LiveChat/Objects/LiveChatObj.php before being used to construct a SQL query. This can be exploited...

WordPress wp-live-chat-support plugin cross-site scripting vulnerability (CNVD-2019-36074)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wp-live-chat-support plugin is a live chat plugin used in it. A cross-site scripting vulnerability exists in the WordPress...

WordPress wp-live-chat-support plugin cross-site scripting vulnerability (CNVD-2019-27640)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wp-live-chat-support plugin is a live chat plugin used in it. A cross-site scripting vulnerability exists in WordPress...