Acobot Live Chat & Contact Form <= 2.0 – CSRF/XSS | CVE 2015-2039

Affects Plugins

acobot

No known fix

References

CVE

CVE-2015-2039

URL

https://packetstormsecurity.com/files/#130306/

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Submitter

ethicalhack3r

Submitter twitter

ethicalhack3r

Verified

No

WPVDB ID

8325f202-0b50-4990-89cd-dbb4e94bf33d

Timeline

Publicly Published

2015-02-22 (about 11 years ago)

Added

2015-02-10 (about 11 years ago)

Last Updated

2020-10-25 (about 5 years ago)

Other

Published

Title

Published

2015-05-06

Title

Facebook Page Photo Gallery <= 2.0.9 - DOM Cross-Site Scripting (XSS)

Published

2015-03-04

Title

Plugin Info Card <= 2.3.6 - Authenticated XSS

Published

2024-06-22

Title

WP eMember < 10.6.7 - Reflected XSS

Published

2015-01-12

Title

Page Builder by SiteOrigin 2.0.3 - Reflected XSS

Published

2023-11-29

Title

which template file < 5.1.0 - Reflected XSS