ThreatPress

WordPress Vulnerabilities Database

Back

WordPress LiveChat plugin <= 3.7.2 - Stored Cross-Site Scripting (XSS) and unauthenticated Option Update/Reset vulnerabilities

Product
LiveChat
Description
Stored Cross-Site Scripting (XSS) and unauthenticated Option Update/Reset vulnerabilities found by Pluginvulnerabilities in WordPress LiveChat plugin (versions <= 3.7.2).
Solution
Update the WordPress LiveChat plugin to the latest available version (3.7.4).
Classification
Type Multi
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 3.7.2
Fixed In 3.7.4
Disclosure date
2019-07-10
Credits
Pluginvulnerabilities
Submitter
ThreatPress