Ninjateam Wp_chat_app

6 CVEs affecting Ninjateam Wp_chat_app. Latest disclosed: 2024-11-16. Critical: 0, High: 0.

Top CVEs affecting Ninjateam Wp_chat_app
CVESeverityScorePublishedSummary
CVE-2024-2513Medium6.42024-04-09The WP Chat App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'imageAlt' block attribute in all versions up to, and including, 3.6…
CVE-2024-1761Medium6.42024-03-07The WP Chat App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget/block in all versions up to, and including, 3.6.1 due…
CVE-2023-51370Medium5.92024-02-12Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NinjaTeam WP Chat App allows Stored XSS.This issue affect…
CVE-2024-2837Medium5.42024-04-26The WP Chat App WordPress plugin before 3.6.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admins to perfo…
CVE-2024-4664Medium4.82024-06-27The WP Chat App WordPress plugin before 3.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admins to perfo…
CVE-2024-10533Medium4.32024-11-16The WP Chat App plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the ajax_install_plugin() function…