Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chat vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-4902
A vulnerability classified as problematic has been found in eXo Chat Application. Affected is an unknown function of the file application/src/main/webapp/vue-app/components/ExoChatMessageComposer.vue of the component Mention Handler. The manipulation leads to cross site scripting...
Exoplatform Chat Application
383
VMScore
CVE-2014-10386
The wp-live-chat-support plugin prior to 4.1.0 for WordPress has JavaScript injections.
3cx Live Chat
668
VMScore
CVE-2019-12498
The WP Live Chat Support plugin prior to 8.0.33 for WordPress accepts certain REST API calls without invoking the wplc_api_permission_check protection mechanism.
3cx Live Chat
668
VMScore
CVE-2018-12426
The WP Live Chat Support Pro plugin prior to 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/remote_upload request with a .php filename and the image/jpeg content type.
3cx Live Chat
383
VMScore
CVE-2016-10879
The wp-live-chat-support plugin prior to 6.2.02 for WordPress has XSS.
3cx Live Chat
NA
CVE-2022-3415
The Chat Bubble WordPress plugin prior to 2.3 does not sanitise and escape some contact parameters, which could allow unauthenticated malicious users to set Stored Cross-Site Scripting payloads in them, which will trigger when an admin view the related contact message
Bluecoral Chat Bubble
356
VMScore
CVE-2022-31095
discourse-chat is a chat plugin for the Discourse application. Versions before 0.4 are vulnerable to an exposure of sensitive information, where an attacker who knows the message ID for a channel they do not have access to can view that message using the chat message lookup endpo...
Discourse Discourse-chat
NA
CVE-2022-46817
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Flyzoo Flyzoo Chat plugin <= 2.3.3 versions.
Flyzoo Flyzoo Chat
605
VMScore
CVE-2021-43353
The Crisp Live Chat WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the crisp_plugin_settings_page function found in the ~/crisp.php file, which made it possible for malicious users to inject arbitrary web scripts in versions up to...
Crisp Live Chat
383
VMScore
CVE-2020-15948
eGain Chat 15.5.5 allows XSS via the Name (aka full_name) field.
Egain Chat 15.5.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »