← back
CVE-2022-2361

Social Chat < 6.0.5 - Admin+ Stored Cross-Site Scripting

EPSS 0.5%CWE-79
The WP Social Chat WordPress plugin before 6.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks.
Affected products
Unknown · WP Social Chat – Click To Chat App

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://wpscan.com/vulnerability/aa69377d-ba9e-4a2f-921c-be2ab5edcb4e