Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty 3.2.2

  • Severity: medium-risk
  • Status: Fixed
  • Publication: May 23, 2024

The Floating Chat Widget plugin for WordPress is at risk of allowing hackers to inject malicious code into the website through the admin settings. This could potentially harm users who visit the affected pages. This vulnerability only affects certain types of installations and can be prevented by disabling a certain setting.

Detected in:

Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty fixed vulnerable versions: >= * <= 3.2.2
Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button, WhatsApp – Chaty fixed vulnerable versions:
Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.