CVE-2024-1983

Published: Mar 20, 2024Modified: May 5, 2025

7.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Exploitability: 2.8 / Impact: 3.7

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

The Simple Ajax Chat WordPress plugin before 20240223 does not prevent visitors from using malicious Names when using the chat, which will be reflected unsanitized to other users.

Affected (1)

Products: Plugin Planet: Simple Ajax Chat

Plugin Planet

1 product

Simple Ajax Chat

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Plugin Planet Simple Ajax Chat	Before 20240223

References (2)

https://wpscan.com/vulnerability/bf3a31de-a227-4db1-bd18-ce6a78dc96fb/

Source: contact@wpscan.com

ExploitThird Party Advisory

https://wpscan.com/vulnerability/bf3a31de-a227-4db1-bd18-ce6a78dc96fb/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.