PT-2024-18471 · WordPress · Simple Ajax Chat

Fourcade · Published 2024-03-19 · Updated 2025-05-05 · CVE-2024-1983

CVSS v3.1: 7.1 (High)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions

The Simple Ajax Chat WordPress plugin, versions prior to 20240223

Description

The plugin reflects unsanitized input to other users: when a visitor uses a malicious name in the chat, that name is shown to other users without sanitization. This allows for potential malicious activity.

Recommendations

If you run a version prior to 20240223, update to version 20240223 or later to resolve the issue. As a temporary workaround, consider restricting user input for names in the chat to minimize the risk of exploitation.

Exploit

Fix

Related Identifiers

CVE-2024-1983

Affected Products

Simple Ajax Chat