Log out
Get PRO

Latest

Access violation vulnerability in Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger, Live Chat Support Chat Button – Bit Assist 1.5.2

  • Severity: medium-risk
  • Status: Fixed
  • Publication: February 14, 2025

The Bit Assist plugin for WordPress has a security issue called Path Traversal, which can be found in all versions up to 1.5.2. This means that attackers who are logged in and have at least Subscriber-level access can view the contents of any file on the server, including files with private information.

Detected in:

Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger Live Chat Support Chat Button – Bit Assist fixed vulnerable versions:
Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.