Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chat vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2485
Cross-site scripting (XSS) vulnerability in the URL redirection script (inc/url_redirection.inc.php) in PCPIN Chat prior to 6.11 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors.
Pcpin Pcpin Chat
4.8
CVSSv3
CVE-2023-32292
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GetButton Chat Button by GetButton.Io plugin <= 1.8.9.4 versions.
Getbutton Chat Button
6.1
CVSSv3
CVE-2019-13975
eGain Chat 15.0.3 allows HTML Injection.
Egain Chat 15.0.3
9.8
CVSSv3
CVE-2019-1010104
TechyTalk Quick Chat WordPress Plugin All up to the latest is affected by: SQL Injection. The impact is: Access to the database. The component is: like_escape is used in Quick-chat.php line 399. The attack vector is: Crafted ajax request.
Techytalk Quick Chat
9.8
CVSSv3
CVE-2019-13976
eGain Chat 15.0.3 allows unrestricted file upload.
Egain Chat 15.0.3
6.1
CVSSv3
CVE-2014-10386
The wp-live-chat-support plugin prior to 4.1.0 for WordPress has JavaScript injections.
3cx Live Chat
4.8
CVSSv3
CVE-2023-23727
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Formilla Live Chat by Formilla plugin <= 1.3 versions.
Formilla Live Chat
NA
CVE-2007-0954
MOHA Chat 0.1b7 and previous versions does not require authentication for use of the plug in API, which has unknown impact and attack vectors.
Mohachat Moha Chat
6.1
CVSSv3
CVE-2019-14950
The wp-live-chat-support plugin prior to 8.0.27 for WordPress has XSS via the GDPR page.
3cx Live Chat
9.8
CVSSv3
CVE-2018-12426
The WP Live Chat Support Pro plugin prior to 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/remote_upload request with a .php filename and the image/jpeg content type.
3cx Live Chat
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »