Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
PremioChaty*

3 matches found

CVE
CVEadded 2022/04/11 8:15 p.m.63 views

CVE-2021-36846

Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Premio Chaty (WordPress plugin)

4.8CVSS4.8AI score0.00319EPSS
CVE
CVEadded 2022/01/03 1:15 p.m.60 views

CVE-2021-25016

The Chaty WordPress plugin before 2.8.3 and Chaty Pro WordPress plugin before 2.8.2 do not sanitise and escape the search parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting

6.1CVSS6AI score0.10375EPSS
CVE
CVEadded 2022/12/05 5:15 p.m.53 views

CVE-2022-3858

The Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button WordPress plugin before 3.0.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin.

7.2CVSS7.2AI score0.00306EPSS