CVE-2023-49821

Name of the Vulnerable Software and Affected Versions LiveChat – WP live chat plugin for WordPress versions through 4.5.15

Description A Cross-Site Request Forgery (CSRF) issue affects the LiveChat – WP live chat plugin for WordPress. This issue allows an attacker to perform actions on behalf of a user without their knowledge.

Recommendations For versions through 4.5.15, update to a version later than 4.5.15 to resolve the issue. As a temporary workaround, consider implementing additional security measures to prevent CSRF attacks, such as validating user requests and ensuring that sensitive actions require explicit user confirmation.