Page 3 of 15 results (0.006 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18507 – WP Live Chat Support <= 7.1.04 - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2017-18507

The wp-live-chat-support plugin before 7.1.05 for WordPress has XSS. El plugin wp-live-chat-support anterior de 7.1.05 para WordPress tiene XSS. • https://wordpress.org/plugins/wp-live-chat-support/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18508 – WP Live Chat Support <= 7.1.02 - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2017-18508

The wp-live-chat-support plugin before 7.1.03 for WordPress has XSS. El plugin wp-live-chat-support anterior a la versión 7.1.03 para WordPress tiene XSS. • https://wordpress.org/plugins/wp-live-chat-support/#developers https://wpvulndb.com/vulnerabilities/9719 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-2187 – WP Live Chat Support <= 7.0.06 - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2017-2187

Cross-site scripting vulnerability in WP Live Chat Support prior to version 7.0.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad de tipo cross-site-scripting en WP Live Chat Support anterior a versión 7.0.07, permite a los atacantes remotos inyectar script web o HTML arbitrario por medio de vectores no especificados • http://jvn.jp/en/jp/JVN70951878/index.html https://plugins.trac.wordpress.org/changeset/1658232 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-10879 – 3CX Free Live Chat <= 6.2.03 - Unauthenticated Stored Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2016-10879

The wp-live-chat-support plugin before 6.2.02 for WordPress has XSS. El plugin wp-live-chat-support anterior a la versión 6.2.02 para WordPress tiene XSS. The WP Live Chat Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name' parameter in versions up to, and including, 6.2.03 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://wordpress.org/plugins/wp-live-chat-support/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2014-10386 – WP Live Chat Support < 4.1.0 - JavaScript Code Injection

https://notcve.org/view.php?id=CVE-2014-10386

The wp-live-chat-support plugin before 4.1.0 for WordPress has JavaScript injections. El plugin wp-live-chat-support antes de 4.1.0 para WordPress tiene inyecciones de JavaScript. • https://wordpress.org/plugins/wp-live-chat-support/#developers • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •