6 matches found
CVE-2021-25016
CVE-2021-25016 affects the WordPress Chaty plugin (<= 2.8.3) and Chaty Pro (
CVE-2023-47759
CVE-2023-47759 describes a Cross-Site Scripting (XSS) issue in the Premio Chaty WordPress plugin, affecting versions
CVE-2021-36846
CVE-2021-36846 affects the WordPress Premio Chaty plugin; authenticated users (admin+) can store XSS in plugin settings. Public details cite versions <= 2.8.3 (and OpenVAS reference to
CVE-2022-3858
CVE-2022-3858 affects the WordPress plugin Chaty / Floating Chat Widget prior to version 3.0.3. The issue is an SQL injection caused by improper sanitisation/escaping of a parameter before it is used in a SQL statement, making it exploitable by users with a role as low as admin. Documented impact...
CVE-2023-3245
CVE-2023-3245 affects the Floating Chat Widget WordPress plugin (
CVE-2023-25019
The CVE-2023-25019 entry concerns the Premio Chaty WordPress plugin. Affected software: Chaty plugin versions up to and including 3.0.9. Vulnerable component: input handling in the plugin that enables unauthenticated, reflected Cross‑Site Scripting (XSS). Root cause and impact are described as un...