Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2
CVE-2024-7869
- EPSS 1.13%
- Veröffentlicht 01.10.2024 08:15:03
- Zuletzt bearbeitet 04.10.2024 13:51:25
The 123.chat - Video Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...
4.8
CVE-2023-4298
- EPSS 0.23%
- Veröffentlicht 04.09.2023 12:15:10
- Zuletzt bearbeitet 23.04.2025 17:16:43
The 123.chat WordPress plugin before 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (...
1