Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wp live chat shoutbox project wp live chat shoutbox vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1020
The Steveas WP Live Chat Shoutbox WordPress plugin up to and including 1.4.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.
Wp Live Chat Shoutbox Project Wp Live Chat Shoutbox
NA
CVE-2023-0899
The Steveas WP Live Chat Shoutbox WordPress plugin up to and including 1.4.2 does not sanitise and escape a parameter before outputting it back in the Shoutbox, leading to Stored Cross-Site Scripting which could be used against high privilege users such as admins.
Wp Live Chat Shoutbox Project Wp Live Chat Shoutbox
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started