cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches foravchat-3 avchat-3

Direction: ascending
Jun 06, 2024

Community Lite Video Chat # 12108f2d6b7cdd384ce360bc60e3cf6c2dcb247d

CVE, Research URL

12108f2d6b7cdd384ce360bc60e3cf6c2dcb247d

Home page URL

Security reports for Community Lite Video Chat

Application

Community Lite Video Chat

Date
Aug 01, 2014
Research Description
Community Lite Video Chat [avchat-3] < 1.4.2 (closed) WordPress AVChat Video Chat Plugin <= 1.4.1 - Reflected XSS This plugin is prone to a cross site scripting vulnerability in index_popup.php parameter. Update the plugin.
Affected versions
max 1.4.2.
Status
vulnerable
Oct 22, 2024

Community Lite Video Chat # CVE-2024-49605

CVE, Research URL

CVE-2024-49605

Home page URL

Security reports for Community Lite Video Chat

Application

Community Lite Video Chat

Date
Oct 20, 2024
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Stefan Nour AVChat Video Chat avchat-3 allows Stored XSS.This issue affects AVChat Video Chat: from n/a through <= 2.2.
Affected versions
max 2.2.
Status
vulnerable
Jun 16, 2026

Community Lite Video Chat # fce99c82-3958-4c17-88d3-6e8fa1a11e59

CVE, Research URL

fce99c82-3958-4c17-88d3-6e8fa1a11e59

Home page URL

Security reports for Community Lite Video Chat

Application

Community Lite Video Chat

Date
-
Research Description
Community Lite Video Chat [avchat-3] < 1.4.2 (closed) AVChat Video Chat 1.4.1 - index_popup.php Multiple Parameters Reflected XSS The Community Lite Video Chat WordPress plugin was affected by an index_popup.php Multiple Parameters Reflected XSS security vulnerability.
Affected versions
max 1.4.2.
Status
vulnerable

Community Lite Video Chat # ba5004a0eabc32b9470115e736d8f49c11d78fee

CVE, Research URL

ba5004a0eabc32b9470115e736d8f49c11d78fee

Home page URL

Security reports for Community Lite Video Chat

Application

Community Lite Video Chat

Date
Jul 07, 2014
Research Description
Community Lite Video Chat [avchat-3] < 1.4.2 (closed) Community Lite Video Chat < 1.4.2 - Reflected Cross-Site Scripting The Community Lite Video Chat plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘FB_appId’ and ‘movie_param’ parameters in versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions
max 1.4.2.
Status
vulnerable