Lucene search
WPScanCVE-2024-1983HistoryMar 20, 2024 - 5:15 a.m.
CVE-2024-1983
2024-03-2005:15:45
WPScan
web.nvd.nist.gov
45
cve-2024-1983
simple ajax chat
wordpress
plugin
security
vulnerability
nvd
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
AI Score
9.3
Confidence
High
EPSS
0
Percentile
9.0%
The Simple Ajax Chat WordPress plugin before 20240223 does not prevent visitors from using malicious Names when using the chat, which will be reflected unsanitized to other users.
Affected configurations
Node
plugin-planetsimple_ajax_chatRange<20240223wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| plugin-planet | simple_ajax_chat | * | cpe:2.3:a:plugin-planet:simple_ajax_chat:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"vendor": "Unknown",
"product": "Simple Ajax Chat ",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "20240223"
}
],
"defaultStatus": "unaffected"
}
]Related
nvd
nvd
CVE-2024-1983
2024-03-20 05:15:45
CVE-2024-2957
2024-04-09 19:15:38
wpexploit
wpexploit
Simple Ajax Chat < 20240223 - Unauthenticated Stored XSS
2024-02-28 00:00:00
cvelist
cvelist
CVE-2024-1983 Simple Ajax Chat < 20240223 - Unauthenticated Stored XSS
2024-03-20 05:00:02
wpvulndb
wpvulndb
Simple Ajax Chat < 20240223 - Unauthenticated Stored XSS
2024-02-28 00:00:00
vulnrichment
vulnrichment
CVE-2024-1983 Simple Ajax Chat < 20240223 - Unauthenticated Stored XSS
2024-03-20 05:00:02
cve
cve
CVE-2024-2957
2024-04-09 19:15:38
wordfence
wordfence
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
AI Score
9.3
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2024-1983