RSS   Vulnerabilities for 'Chaty'   RSS

2022-04-11
 
CVE-2021-36846

CWE-79
 

 
Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Premio Chaty (WordPress plugin) <= 2.8.3

 
2022-01-03
 
CVE-2021-25016

CWE-79
 

 
The Chaty WordPress plugin before 2.8.3 and Chaty Pro WordPress plugin before 2.8.2 do not sanitise and escape the search parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting

 

 >>> Vendor: Premio 4 Products
Mystickymenu
Chaty
Chaty pro
Mystickyelements


Copyright 2024, cxsecurity.com

 

Back to Top