Multiple cross-site scripting (XSS) vulnerabilities in server/offline.php in the ActiveHelper LiveHelp Live Chat plugin 3.1.0 and previous versions for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) MESSAGE, (2) EMAIL, or (3) NAME parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
activehelper activehelper livehelp live chat |
||
activehelper activehelper livehelp live chat 2.6.0 |
||
activehelper activehelper livehelp live chat 2.9.0 |
||
activehelper activehelper livehelp live chat 2.7.5 |
||
activehelper activehelper livehelp live chat 2.7.4 |
||
activehelper activehelper livehelp live chat 2.7.3 |
||
activehelper activehelper livehelp live chat 2.7.0 |
||
activehelper activehelper livehelp live chat 3.0.0 |
||
activehelper activehelper livehelp live chat 2.9.2 |
||
activehelper activehelper livehelp live chat 2.6.7 |
||
activehelper activehelper livehelp live chat 2.6.2 |
||
activehelper activehelper livehelp live chat 2.9.5 |
||
activehelper activehelper livehelp live chat 2.9.1 |
||
activehelper activehelper livehelp live chat 2.6.5 |
||
activehelper activehelper livehelp live chat 2.6.1 |