Lucene search
Krzysztof ZającWPVDB-ID:B5035987-6227-4FC6-BC45-1E8016E5C4C0HistoryDec 06, 2021 - 12:00 a.m.
Chaty Free < 2.8.3 & Pro < 2.8.2 - Reflected Cross-Site Scripting
2021-12-0600:00:00
Krzysztof Zając
wpscan.com
10
chaty
free
pro
versions
2.8.3
security
reflected
cross-site
scripting
EPSS
0.001
Percentile
46.7%
The plugins do not sanitise and escape the search parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting
PoC
Related
patchstack
patchstack
openvas
openvas
WordPress Chaty Pro Plugin < 2.8.2 XSS Vulnerability
2022-06-20 00:00:00
WordPress Chaty Plugin < 2.8.4 XSS Vulnerability
2022-06-20 00:00:00
cnvd
cnvd
WordPress Chaty Cross-Site Scripting Vulnerability (CNVD-2022-03904)
2022-01-05 00:00:00
nuclei
nuclei
Chaty < 2.8.2 - Cross-Site Scripting
2023-10-16 18:37:06
prion
prion
Cross site scripting
2022-01-03 13:15:00
cvelist
cvelist
CVE-2021-25016 Chaty < 2.8.3 - Reflected Cross-Site Scripting
2022-01-03 12:49:12
nvd
nvd
CVE-2021-25016
2022-01-03 13:15:08
cve
cve
CVE-2021-25016
2022-01-03 13:15:08
wpexploit
wpexploit
Chaty Free < 2.8.3 & Pro < 2.8.2 - Reflected Cross-Site Scripting
2021-12-06 00:00:00