CVE-2024-7816

Name of the Vulnerable Software and Affected Versions Gixaw Chat WordPress plugin versions 1.0 and earlier

Description The issue is related to the lack of CSRF checks in some places, as well as missing sanitization and escaping, which could allow attackers to make logged-in admins add Stored XSS payloads via a CSRF attack.

Recommendations For Gixaw Chat WordPress plugin versions 1.0 and earlier, update to a version that includes proper CSRF checks, sanitization, and escaping to prevent potential attacks. As a temporary workaround, consider restricting access to sensitive areas of the plugin to minimize the risk of exploitation.