Live Chat Security Vulnerabilities and Issues — Live Chat CVE List

Lucene search

3cxLive Chat

3 matches found

CVE•added 2019/06/03 9:29 p.m.•132 views

CVE-2019-11185

The WP Live Chat Support Pro plugin through 8.0.26 for WordPress contains an arbitrary file upload vulnerability. This results from an incomplete patch for CVE-2018-12426. Arbitrary file upload is achieved by using a non-blacklisted executable file extension in conjunction with a whitelisted file e...

9.8CVSS9.4AI score0.1059EPSS

CVE•added 2020/03/20 7:15 p.m.•132 views

CVE-2019-12498

The WP Live Chat Support plugin before 8.0.33 for WordPress accepts certain REST API calls without invoking the wplc_api_permission_check protection mechanism.

9.8CVSS9.5AI score0.00843EPSS

CVE•added 2018/07/02 5:29 p.m.•52 views

CVE-2018-12426

The WP Live Chat Support Pro plugin before 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/remote_upload request with a .php filename and the image/jpeg content type.

9.8CVSS9.6AI score0.1059EPSS