Log out
Get PRO

Latest

Access violation vulnerability in Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger, Live Chat Support Chat Button – Bit Assist 1.5.4

  • Severity: medium-risk
  • Status: Fixed
  • Publication: March 28, 2025

The Chat Widget, a Customer Support Button with SMS Call Button, Click to Chat Messenger, and Live Chat Support Chat Button, is a plugin for WordPress called Bit Assist. Unfortunately, this plugin is at risk for a security issue called Path Traversal. This means that anyone, even without proper authentication, can access and manipulate files that are not meant to be accessed. This vulnerability exists in all versions of the plugin up to and including 1.5.4.

Detected in:

Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger Live Chat Support Chat Button – Bit Assist fixed vulnerable versions:
Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.