Persistent Cross-site Scripting in WP Live Chat Support Plugin

During a routine research audits for our Sucuri Firewall, we discovered an Unauthenticated Persistent Cross-Site Scripting (XSS) affecting 60,000+ users of the WP Live Chat Support WordPress plugin.

Current State of the Vulnerability

Though this security bug has been fixed in the 8.0.27 release, it can be exploited by an attacker without any account in the vulnerable site.

We are not aware of any exploit attempts currently using this vulnerability.

Continue reading Persistent Cross-site Scripting in WP Live Chat Support Plugin at Sucuri Blog.

Story added 15. May 2019, content source with full text you can find at link above.

Comments are closed.

More antivirus and malware news?

Persistent Cross-site Scripting in WP Live Chat Support Plugin

More antivirus and malware news?

Ads

Security news

Malware

Security

IT security

About site

Search Terms Tips

Recent New Tips

Recent Posts