Cross-Site Scripting Vulnerability in WP Live Chat Support Plugin by WordPress
CVE-2016-10879
6.1MEDIUM
Summary
The WP Live Chat Support Plugin for WordPress is susceptible to a Cross-Site Scripting (XSS) vulnerability that affects versions prior to 6.2.02. This security flaw allows attackers to inject malicious scripts into web pages viewed by users, potentially leading to unauthorized actions or data exposure. It is crucial for users of the plugin to update to the latest version to secure their websites against this threat.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved