3CX Free Live Chat, Calls & WhatsApp

Information

Software Type Plugin
Software Slug wp-live-chat-support (view on wordpress.org)
Software Status Active
Software Author wp-livechat
Software Website www.3cx.com
Software Downloads 3,289,672
Software Active Installs 90,000
Software Record Last Updated December 22, 2024

15 Vulnerabilities

8.8
CVE ID Unknown
Apr 28, 2022
Researcher: Moucadel Matthieu
9.8
CVE ID Unknown
Jul 6, 2015
Researcher: Marcin Probola
Title Status CVE ID CVSS Researchers Date
3CX Live Chat <= 9.4.2 - Local File Inclusion Patched 8.8 Moucadel Matthieu April 28, 2022
WP Live Chat Support <= 8.1.9 - Stored Cross-Site Scripting Patched 5.4 Chevon Phillip July 12, 2020
WP Live Chat Support <= 8.0.32 - Unprotected Functions Patched CVE-2019-12498 9.8 May 31, 2019
WP Live Chat Support <= 8.0.27 - Unauthenticated Stored Cross-Site Scripting Patched CVE-2019-14950 6.1 John Castro May 15, 2019
WP Live Chat Support <= 8.0.17 - Cross-Site Scripting Patched CVE-2019-9913 6.1 February 5, 2019
WP Live Chat Support <= 8.0.15 - Cross-Site Scripting Patched CVE-2018-18460 6.1 rakjong October 17, 2018
3CX Live Chat <= 8.0.07 - Cross-Site Scripting Patched CVE-2018-11105 6.1 RiieCco July 2, 2018
WP Live Chat Support <= 8.0.05 - Stored Cross-Site Scripting Patched CVE-2018-9864 6.1 Luigi Gubello April 9, 2018
WP Live Chat Support <= 7.1.04 - Cross-Site Scripting Patched CVE-2017-18507 6.1 Omaid Faizyar August 2, 2017
WP Live Chat Support <= 7.1.02 - Cross-Site Scripting Patched CVE-2017-18508 6.1 July 10, 2017
WP Live Chat Support <= 7.0.06 - Cross-Site Scripting Patched CVE-2017-2187 6.1 Chris Liu May 16, 2017
3CX Free Live Chat <= 6.2.03 - Unauthenticated Stored Cross-Site Scripting Patched CVE-2016-10879 6.1 August 1, 2016
WP Live Chat Support <= 4.3.5 - Blind SQL Injection Patched 9.8 Marcin Probola July 6, 2015
WP Live Chat Support <= 4.3.5 - Stored Cross-site Scripting Patched 6.4 Marcin Probola July 6, 2015
WP Live Chat Support < 4.1.0 - JavaScript Code Injection Patched CVE-2014-10386 6.1 Patrik July 20, 2014

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation