CVE-2025-5336
- EPSS 0.07%
- Published 14.06.2025 08:23:26
- Last modified 16.06.2025 12:32:18
The Click to Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-no_number’ parameter in all versions up to, and including, 4.22 due to insufficient input sanitization and output escaping. This makes it possible for authe...
CVE-2024-3849
- EPSS 0.54%
- Published 02.05.2024 17:15:31
- Last modified 21.11.2024 09:30:32
The Click to Chat – HoliThemes plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.35. This makes it possible for authenticated attackers, with contributor access or above, to include and execute arbitra...
CVE-2022-4480
- EPSS 0.25%
- Published 16.01.2023 16:15:12
- Last modified 21.11.2024 07:35:20
The Click to Chat WordPress plugin before 3.18.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting a...