← back
CVE-2019-12498

CVE-2019-12498

EPSS 2.0%
The WP Live Chat Support plugin before 8.0.33 for WordPress accepts certain REST API calls without invoking the wplc_api_permission_check protection mechanism.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://plugins.trac.wordpress.org/changeset/2098577/wp-live-chat-support/trunkhttps://plugins.trac.wordpress.org/log/wp-live-chat-support/https://wordpress.org/plugins/wp-live-chat-support/#developers