Search criteria
2 vulnerabilities found for WP Social Chat – Click To Chat App by Unknown
CVE-2022-2361 (GCVE-0-2022-2361)
Vulnerability from cvelistv5 – Published: 2022-08-22 15:01 – Updated: 2024-08-03 00:32
VLAI?
Title
Social Chat < 6.0.5 - Admin+ Stored Cross-Site Scripting
Summary
The WP Social Chat WordPress plugin before 6.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks.
Severity ?
No CVSS data available.
CWE
- CWE-79 - Cross-Site Scripting (XSS)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | WP Social Chat – Click To Chat App |
Affected:
6.0.5 , < 6.0.5
(custom)
|
Credits
Raad Haddad
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:32:09.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/aa69377d-ba9e-4a2f-921c-be2ab5edcb4e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WP Social Chat \u2013 Click To Chat App",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.0.5",
"status": "affected",
"version": "6.0.5",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Raad Haddad"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Social Chat WordPress plugin before 6.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-22T15:01:30",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/aa69377d-ba9e-4a2f-921c-be2ab5edcb4e"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Social Chat \u003c 6.0.5 - Admin+ Stored Cross-Site Scripting",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-2361",
"STATE": "PUBLIC",
"TITLE": "Social Chat \u003c 6.0.5 - Admin+ Stored Cross-Site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WP Social Chat \u2013 Click To Chat App",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "6.0.5",
"version_value": "6.0.5"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Raad Haddad"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WP Social Chat WordPress plugin before 6.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/aa69377d-ba9e-4a2f-921c-be2ab5edcb4e",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/aa69377d-ba9e-4a2f-921c-be2ab5edcb4e"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-2361",
"datePublished": "2022-08-22T15:01:30",
"dateReserved": "2022-07-09T00:00:00",
"dateUpdated": "2024-08-03T00:32:09.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-2361 (GCVE-0-2022-2361)
Vulnerability from nvd – Published: 2022-08-22 15:01 – Updated: 2024-08-03 00:32
VLAI?
Title
Social Chat < 6.0.5 - Admin+ Stored Cross-Site Scripting
Summary
The WP Social Chat WordPress plugin before 6.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks.
Severity ?
No CVSS data available.
CWE
- CWE-79 - Cross-Site Scripting (XSS)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | WP Social Chat – Click To Chat App |
Affected:
6.0.5 , < 6.0.5
(custom)
|
Credits
Raad Haddad
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:32:09.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/aa69377d-ba9e-4a2f-921c-be2ab5edcb4e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WP Social Chat \u2013 Click To Chat App",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.0.5",
"status": "affected",
"version": "6.0.5",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Raad Haddad"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Social Chat WordPress plugin before 6.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-22T15:01:30",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/aa69377d-ba9e-4a2f-921c-be2ab5edcb4e"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Social Chat \u003c 6.0.5 - Admin+ Stored Cross-Site Scripting",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-2361",
"STATE": "PUBLIC",
"TITLE": "Social Chat \u003c 6.0.5 - Admin+ Stored Cross-Site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WP Social Chat \u2013 Click To Chat App",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "6.0.5",
"version_value": "6.0.5"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Raad Haddad"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WP Social Chat WordPress plugin before 6.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/aa69377d-ba9e-4a2f-921c-be2ab5edcb4e",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/aa69377d-ba9e-4a2f-921c-be2ab5edcb4e"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-2361",
"datePublished": "2022-08-22T15:01:30",
"dateReserved": "2022-07-09T00:00:00",
"dateUpdated": "2024-08-03T00:32:09.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}