New Phishing Scam Uses LiveChat to Pose as Amazon and PayPal in Real Time

Cofense researchers warn of a phishing scam where attackers use LiveChat to impersonate Amazon and PayPal agents and steal credit card and MFA codes...

EUVD-2023-53729

Malicious code in bioql PyPI...

EUVD-2022-1759

Malicious code in bioql PyPI...

EUVD-2024-36639

Malicious code in bioql PyPI...

Livechat Chatbot Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible Livechat chatbot on the target application. Livechat is a solution to build & deploy AI customer experiences. This detection is included in the AI and LLM category. No source data...

CVE-2024-37405

Livechat messages can be leaked by combining two NoSQL injections affecting livechat:loginByToken pre-authentication and livechat:loadHistory...

CVE-2023-49821

Cross-Site Request Forgery CSRF vulnerability in LiveChat LiveChat – WP live chat plugin for WordPress.This issue affects LiveChat – WP live chat plugin for WordPress: from n/a through 4.5.15...

CVE-2022-21830

A blind self XSS vulnerability exists in RocketChat LiveChat...

CVE-2024-37405

Livechat messages can be leaked by combining two NoSQL injections affecting livechat:loginByToken pre-authentication and livechat:loadHistory...

CVE-2024-37405

Livechat messages can be leaked by combining two NoSQL injections affecting livechat:loginByToken pre-authentication and livechat:loadHistory...

CVE-2024-37405

The CVE-2024-37405 entry concerns Rocket.Chat LiveChat, where two NoSQL injections enable leakage of data: pre-authentication access via livechat:loginByToken and leakage of chat history via livechat:loadHistory. This is a combined, pre-auth scenario affecting the LiveChat component/workflow; the...

CVE-2024-37405

Livechat messages can be leaked by combining two NoSQL injections affecting livechat:loginByToken pre-authentication and livechat:loadHistory...

RocketChat LiveChat Security Breach

RocketChat LiveChat is a small, lightweight application from RocketChat, Inc. designed to provide B2C business-to-customer communication between agents and website visitors. A security vulnerability exists in RocketChat LiveChat that stems from the presence of a NoSQL injection that can leak...

Rocket.Chat: NoSQL injection leaks visitor token and livechat messages

The Rocket.Chat application was affected by two NoSQL injection vulnerabilities. The first vulnerability allowed leaking visitor tokens by exploiting the livechat:loginByToken method, while the second vulnerability enabled leaking livechat messages by exploiting the livechat:loadHistory method...

LiveChat WooCommerce < 2.2.17 - Cross-Site Request Forgery

Description The WordPress Live Chat Plugin for WooCommerce – LiveChat plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.16. This is due to missing or incorrect nonce validation on several functions in the...

WordPress WordPress Live Chat Plugin for WooCommerce – LiveChat Plugin <= 1.0.13 is vulnerable to Cross Site Request Forgery (CSRF)

Software WordPress Live Chat Plugin for WooCommerce – LiveChat Type Plugin Vulnerable versions = 1.0.13 Fixed in 1.0.14 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8bc5490f826...

WordPress WordPress Live Chat Plugin for WooCommerce – LiveChat Plugin <= 2.2.16 is vulnerable to Cross Site Request Forgery (CSRF)

Software WordPress Live Chat Plugin for WooCommerce – LiveChat Type Plugin Vulnerable versions = 2.2.16 Fixed in 2.2.17 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3c6eaa82ffd...

CVE-2023-49821

Cross-Site Request Forgery CSRF vulnerability in LiveChat LiveChat – WP live chat plugin for WordPress.This issue affects LiveChat – WP live chat plugin for WordPress: from n/a through 4.5.15...

CVE-2023-49821

Cross-Site Request Forgery CSRF vulnerability in LiveChat LiveChat – WP live chat plugin for WordPress.This issue affects LiveChat – WP live chat plugin for WordPress: from n/a through 4.5.15...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in LiveChat LiveChat – WP live chat plugin for WordPress.This issue affects LiveChat – WP live chat plugin for WordPress: from n/a through 4.5.15...