ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Live Chat Unlimited premium plugin <= 2.8.3 - Stored Cross-Site Scripting (XSS) vulnerability

Product
Live Chat Unlimited
Description
Stored Cross-Site Scripting (XSS) vulnerability found by m0ze in WordPress Live Chat Unlimited premium plugin (versions <= 2.8.3).
Solution
Update the WordPress Live Chat Unlimited premium plugin to the latest available version (at least 2.8.4).
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 2.8.3
Fixed In 2.8.4
Disclosure date
2019-07-02
Credits
m0ze
Submitter
ThreatPress