Acobot Live Chat & Contact Form

acobot_live_chat_&_contact_form

Vendor: Acobot Live Chat & Contact Form Project • 1 CVE

CVEs (1)

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2015-2039

1Acobot Live Chat & Contact Form Project

1Acobot Live Chat & Contact Form

May 6, 2026

Feb 20, 2015

N/A· v4

N/A· v3

6.8 MEDIUM· v2

Multiple cross-site request forgery (CSRF) vulnerabilities in the Acobot Live Chat & Contact Form plugin 2.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings or (2) conduct cross-site scripting (XSS) attacks via the acobot_token parameter in the acobot page to wp-admin/options-general.php.Show less