CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

CVE•added 2025/11/19 5:45 a.m.•6 views

CVE-2025-12751

CVE-2025-12751 (WSChat – WordPress Live Chat) ?The Wordfence intelligence entry confirms a vulnerability in the WSChat WordPress Live Chat plugin (versions up to and including 3.1.6): a missing capability check on the reset_settings AJAX endpoint allows authenticated users with Subscriber-level a...

4.3CVSS4.7AI score0.00036EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-27820

Malicious code in bioql PyPI...

5.9CVSS5.3AI score0.00207EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:12 a.m.•4 views

CVE-2023-23734

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in David Voswinkel Userlike – WordPress Live Chat plugin = 2.2 versions...

5.9CVSS5.6AI score0.00207EPSS

Exploits0References1

NVD•added 2023/05/09 11:15 a.m.•11 views

CVE-2023-23734

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in David Voswinkel Userlike – WordPress Live Chat plugin = 2.2 versions...

5.9CVSS5.4AI score0.00207EPSS

Exploits0References1

Prion•added 2023/05/09 11:15 a.m.•13 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in David Voswinkel Userlike – WordPress Live Chat plugin = 2.2 versions...

4.3CVSS4.8AI score0.00207EPSS

Exploits0References1Affected Software1

CVE•added 2023/05/09 10:40 a.m.•39 views

CVE-2023-23734

The CVE-2023-23734 issue affects the WordPress plugin Userlike – WordPress Live Chat (David Voswinkel) versions ≤ 2.2. It is an authenticated Stored XSS vulnerability (admin+), caused by insufficient sanitization/escaping of settings, enabling an administrator to inject scripts executed by other ...

5.9CVSS4.9AI score0.00207EPSS

Exploits0References1Affected Software1

OSV•added 2023/04/24 7:15 p.m.•0 views

CVE-2023-1020

The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

9.8CVSS7.3AI score0.73648EPSS

Exploits2References1

Patchstack•added 2023/03/21 12:0 a.m.•4 views

WordPress Userlike – WordPress Live Chat plugin Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS)

Software Userlike – WordPress Live Chat plugin Type Plugin Vulnerable versions = 2.2 Fixed in 2.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23734 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID da66e187f0fd Credits yuyud...

5.9CVSS5.8AI score0.00207EPSS

Exploits0References2Affected Software1

Patchstack•added 2020/10/14 12:0 a.m.•14 views

WordPress Live Chat - Live support plugin <= 3.1.0 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability found by Yusuke Fukuda Cryptography Laboratory, Department of Information and Communication Engineering, Tokyo Denki University in WordPress Live Chat - Live support plugin versions = 3.1.0. Solution Update the WordPress Live Chat - Live support plugi...

8.8CVSS2.9AI score0.00102EPSS

Exploits0References2Affected Software1

CNVD•added 2019/03/22 12:0 a.m.•2 views

wp-live-chat-support cross-site scripting vulnerability

WP Live Chat Support is feature-rich live chat plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress wp-live-chat-support plugin prior to version 8.0.18, which stems from the program failing to properly encode parameters. A remote attacker can exploit this vulnerabili...

6.1CVSS6.5AI score0.00313EPSS

Exploits1References1

Positive Technologies•added 2017/06/09 12:0 a.m.•3 views

PT-2017-15246 · WordPress · Wp Live Chat Support

Name of the Vulnerable Software and Affected Versions: WP Live Chat Support versions prior to 7.0.07 Description: A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML. Recommendations: For versions prior to 7.0.07, update to version 7.0.07 or later to resolv...

6.1CVSS6AI score0.00192EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by