ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WP Live Chat Support plugin <=8.0.05 - Unauthenticated Stored XSS vulnerability

Product
WP Live Chat Support
Description
Unauthenticated Stored XSS vulnerability found by Luigi in WordPress WP Live Chat Support plugin (versions <=8.0.05).
Solution
Update the WordPress WP Live Chat Support plugin to the latest available version (at least 8.0.06).
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <=8.0.05
Fixed In 8.0.06
Disclosure date
2018-04-09
Credits
Luigi
Submitter
ThreatPress