Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chat vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-3415
The Chat Bubble WordPress plugin prior to 2.3 does not sanitise and escape some contact parameters, which could allow unauthenticated malicious users to set Stored Cross-Site Scripting payloads in them, which will trigger when an admin view the related contact message
Bluecoral Chat Bubble
9.8
CVSSv3
CVE-2019-12498
The WP Live Chat Support plugin prior to 8.0.33 for WordPress accepts certain REST API calls without invoking the wplc_api_permission_check protection mechanism.
3cx Live Chat
6.1
CVSSv3
CVE-2016-10879
The wp-live-chat-support plugin prior to 6.2.02 for WordPress has XSS.
3cx Live Chat
6.1
CVSSv3
CVE-2019-9913
The wp-live-chat-support plugin prior to 8.0.18 for WordPress has wp-admin/admin.php?page=wplivechat-menu-gdpr-page term XSS.
3cx Live Chat
6.1
CVSSv3
CVE-2018-9864
The WP Live Chat Support plugin prior to 8.0.06 for WordPress has stored XSS via the Name field.
3cx Live Chat
9.8
CVSSv3
CVE-2019-11185
The WP Live Chat Support Pro plugin up to and including 8.0.26 for WordPress contains an arbitrary file upload vulnerability. This results from an incomplete patch for CVE-2018-12426. Arbitrary file upload is achieved by using a non-blacklisted executable file extension in conjun...
3cx Live Chat
6.1
CVSSv3
CVE-2019-17176
Genesys PureEngage Digital (eServices) 8.1.x allows XSS via HtmlChatPanel.jsp or HtmlChatFrameSet.jsp (ActionColor, ClientNickNameColor, Email, email, or email_address parameter).
Genesys Eservices Chat
6.1
CVSSv3
CVE-2017-18507
The wp-live-chat-support plugin prior to 7.1.05 for WordPress has XSS.
3cx Live Chat
6.1
CVSSv3
CVE-2017-18508
The wp-live-chat-support plugin prior to 7.1.03 for WordPress has XSS.
3cx Live Chat
6.1
CVSSv3
CVE-2020-15948
eGain Chat 15.5.5 allows XSS via the Name (aka full_name) field.
Egain Chat 15.5.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »