More information about this CVE will likely be available in a few days

Description


The Simple Ajax Chat WordPress plugin before 20240412 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

Related CPE's


Could not find any relations

Weaknesses


Could not find any weaknesses

CVSS impact metrics


Could not find any metrics

Information


Source identifier

[email protected]

Vulnerability status

Received

Published

2024-06-04T06:15:09.937

1 week ago

Last modified

2024-06-04T06:15:09.937

1 week ago