Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chat vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-3415
The Chat Bubble WordPress plugin prior to 2.3 does not sanitise and escape some contact parameters, which could allow unauthenticated malicious users to set Stored Cross-Site Scripting payloads in them, which will trigger when an admin view the related contact message
Bluecoral Chat Bubble
6.1
CVSSv3
CVE-2018-9864
The WP Live Chat Support plugin prior to 8.0.06 for WordPress has stored XSS via the Name field.
3cx Live Chat
8.8
CVSSv3
CVE-2021-43353
The Crisp Live Chat WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the crisp_plugin_settings_page function found in the ~/crisp.php file, which made it possible for malicious users to inject arbitrary web scripts in versions up to...
Crisp Live Chat
5.4
CVSSv3
CVE-2022-39279
discourse-chat is a plugin for the Discourse message board which adds chat functionality. In versions before 0.9 some places render a chat channel's name and description in an unsafe way, allowing staff members to cause an cross site scripting (XSS) attack by inserting unsaf...
Discourse Discourse-chat
6.1
CVSSv3
CVE-2019-9913
The wp-live-chat-support plugin prior to 8.0.18 for WordPress has wp-admin/admin.php?page=wplivechat-menu-gdpr-page term XSS.
3cx Live Chat
8.8
CVSSv3
CVE-2021-4131
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
Livehelperchat Live Helper Chat
6.1
CVSSv3
CVE-2021-4169
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Livehelperchat Live Helper Chat
5.4
CVSSv3
CVE-2021-4179
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Livehelperchat Live Helper Chat
6.5
CVSSv3
CVE-2022-0231
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
Livehelperchat Live Helper Chat
NA
CVE-2014-5833
The FriendCaster Chat (aka com.handmark.friendcaster.chat) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Onelouder Friendcaster Chat 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »