EUVD-2019-16338

Malware in sbrugna...

EUVD-2023-36748

Malicious code in bioql PyPI...

CVE-2025-3774

The Wise Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the X-Forwarded-For header in all versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scrip...

WordPress Wise Chat plugin <= 3.3.4 - Unauthenticated Stored Cross-Site Scripting via X-Forwarded-For Header vulnerability

Unauthenticated Stored Cross-Site Scripting via X-Forwarded-For Header vulnerability discovered by Vincent Fourcade vinceMatsui in WordPress Plugin Wise Chat versions = 3.3.4...

CVE-2025-3774

The Wise Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the X-Forwarded-For header in all versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scrip...

CVE-2025-3774

CVE-2025-3774 covers Wise Chat for WordPress (versions up to and including 3.3.4) with an unauthenticated Stored XSS via the X-Forwarded-For header. The vulnerability stems from insufficient input sanitization and output escaping, enabling attackers to inject scripts that execute when users load ...

CVE-2025-3774 Wise Chat <= 3.3.4 - Unauthenticated Stored Cross-Site Scripting via X-Forwarded-For Header

The Wise Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the X-Forwarded-For header in all versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scrip...

CVE-2025-3774 Wise Chat <= 3.3.4 - Unauthenticated Stored Cross-Site Scripting via X-Forwarded-For Header

The Wise Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the X-Forwarded-For header in all versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scrip...

PT-2025-25606 · WordPress · Wise Chat

Name of the Vulnerable Software and Affected Versions: Wise Chat plugin for WordPress versions up to, and including, 3.3.4 Description: The issue is related to Stored Cross-Site Scripting via the X-Forwarded-For header due to insufficient input sanitization and output escaping. This allows...

WordPress plugin Wise Chat 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2023-32504

Cross-Site Request Forgery CSRF vulnerability in Kainex Wise Chat.This issue affects Wise Chat: from n/a through 3.1.3...

CVE-2024-13613

The Wise Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.3 via the 'uploads' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory which c...

CVE-2024-13613

CVE-2024-13613 concerns the Wise Chat WordPress plugin. The vulnerability allows unauthenticated attackers to access sensitive data stored under the uploads directory (wp-content/uploads), exposing file attachments included in chat messages. Affected versions go up to and including 3.3.3, with pa...

CVE-2024-13613 Wise Chat <= 3.3.3 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory

The Wise Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.3 via the 'uploads' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory which c...

CVE-2024-13613 Wise Chat <= 3.3.3 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory

The Wise Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.3 via the 'uploads' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory which c...

PT-2025-21786 · WordPress · Wise Chat

Name of the Vulnerable Software and Affected Versions: Wise Chat plugin for WordPress versions prior to 3.3.4 Description: The issue allows unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory, which can contain file attachments included in ch...

WordPress plugin Wise Chat 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

WordPress Wise Chat plugin <= 3.3.3 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory vulnerability

Unauthenticated Sensitive Information Exposure Through Unprotected Directory vulnerability discovered by Tim Coen in WordPress Plugin Wise Chat versions = 3.3.2...

CVE-2023-32504

Cross-Site Request Forgery CSRF vulnerability in Kainex Wise Chat.This issue affects Wise Chat: from n/a through 3.1.3...

CVE-2023-32504

Cross-Site Request Forgery CSRF vulnerability in Kainex Wise Chat.This issue affects Wise Chat: from n/a through 3.1.3...