CVE-2024-1983

High

7.1/10

Summary

The Simple Ajax Chat WordPress plugin before 20240223 does not prevent visitors from using malicious Names when using the chat, which will be reflected unsanitized to other users.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: LOW
Scope: CHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: LOW

References

Advisory Timeline

Published Mar 20, 2024

CVE-2024-1983

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS