WordPress Plugin Vulnerabilities

LiveChat < 3.7.6 - Unauthenticated Option Update/Reset and Stored XSS

Description

The lack of proper CSRF and Authorisation checks could allow an unauthenticated attacker to update or reset the plugin's settings. Furthermore, when updating the livechat_email option, no sanitisation is performed, leading to a Stored XSS issue in the plugin's settings page.

The CSRF and XSS issues were fixed in 3.7.3; however, the authorisation fix only added an is_admin() check, which only checks whether the dashboard or admin panel is being displayed. This was fixed in 3.7.6.
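
The difference between an is_admin() check and an actual authorisation check, shown as an added example (not LiveChat's code and not part of the original advisory). Only the livechat_email option name comes from the advisory; the function, action and nonce names are hypothetical.

```php
<?php
/**
 * Plugin Name: Settings Save Example
 * Added illustration only. Function, action and nonce names are hypothetical.
 */

// Weak pattern: is_admin() only reports that an admin-area URL was requested.
// It does not check who is making the request, so this is not authorisation.
function example_save_settings_weak() {
    if ( is_admin() && isset( $_POST['livechat_email'] ) ) {
        update_option( 'livechat_email', $_POST['livechat_email'] ); // unsanitised
    }
}

// Hardened pattern: capability check, CSRF nonce, then input sanitisation.
function example_save_settings_hardened() {
    if ( ! isset( $_POST['livechat_email'] ) ) {
        return;
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }
    // Dies unless the request carries a valid nonce for this action.
    check_admin_referer( 'example_save_settings', 'example_nonce' );

    $email = sanitize_email( wp_unslash( $_POST['livechat_email'] ) );
    if ( ! is_email( $email ) ) {
        wp_die( 'Invalid e-mail address.', '', array( 'response' => 400 ) );
    }
    update_option( 'livechat_email', $email );
}
add_action( 'admin_init', 'example_save_settings_hardened' );

// Settings form: emit the nonce and escape the stored value on output,
// so a value written before the fix cannot run as script in the page.
function example_render_settings_form() {
    echo '<form method="post">';
    wp_nonce_field( 'example_save_settings', 'example_nonce' );
    printf(
        '<input type="email" name="livechat_email" value="%s">',
        esc_attr( get_option( 'livechat_email', '' ) )
    );
    submit_button();
    echo '</form>';
}
```

Only the hardened handler is registered on a hook; the weak one is defined for comparison and is never called.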

Timeline

Publicly Published: 2019-06-26
Added: 2019-07-09
Last Updated: 2019-08-14
