RSS   Vulnerabilities for 'Live chat support'   RSS

2018-07-02
 
CVE-2018-12426

CWE-434
 

 
The WP Live Chat Support Pro plugin before 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/remote_upload request with a .php filename and the image/jpeg content type.

 

 >>> Vendor: Wp-livechat 2 Products
Wp live chat support
Live chat support


Copyright 2024, cxsecurity.com

 

Back to Top