Simple Ajax Chat < 20220216 – Sensitive Information Disclosure | CVE 2022-27849

Affects Plugins

simple-ajax-chat

Fixed in 20220216

References

CVE

CVE-2022-27849

Classification

Type

SENSITIVE DATA DISCLOSURE

OWASP top 10

A3: Sensitive Data Exposure

CWE

CWE-200

CVSS

5.3 (medium)

Miscellaneous

Original Researcher

Ex.Mi

Verified

No

WPVDB ID

883ff948-0eb6-4e2d-8fec-2bd7198e1c74

Timeline

Publicly Published

2022-04-15 (about 3 years ago)

Added

2022-04-16 (about 3 years ago)

Last Updated

2022-04-18 (about 3 years ago)

Other

Published

Title

Published

2023-12-18

Title

Clone < 2.4.3 - Unauthenticated Backup Download

Published

2025-09-15

Title

The Events Calendar < 6.15.3 - Unauthenticated Password-Protected Information Disclosure

Published

2025-11-03

Title

Backup Migration < 2.0.0 - Unauthenticated Backup Download

Published

2024-11-28

Title

Content Audit Exporter <= 1.1 - Unauthenticated Sensitive Information Exposure

Published

2025-01-17

Title

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin < 2.9.2 - Information Exposure