Vulnerabilities and security researches forwpguppy-lite wpguppy-lite

Jan 08, 2025

CVE, Research URL: CVE-2024-49222
Home page URL: Security reports for WP Guppy Lite – A live chat plugin for WordPress
Application: WP Guppy Lite – A live chat plugin for WordPress
Date: Jan 07, 2025
Research Description: Deserialization of Untrusted Data vulnerability in Amento Tech Pvt ltd WPGuppy allows Object Injection.This issue affects WPGuppy: from n/a through 1.1.0.
Affected versions: max 1.1.1.
Status: vulnerable

Feb 05, 2025

CVE, Research URL: CVE-2025-24643
Home page URL: Security reports for WP Guppy Lite – A live chat plugin for WordPress
Application: WP Guppy Lite – A live chat plugin for WordPress
Date: Feb 03, 2025
Research Description: Missing Authorization vulnerability in Amento Tech Pvt ltd WPGuppy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPGuppy: from n/a through 1.1.0.
Affected versions: max 1.1.1.
Status: vulnerable

Apr 02, 2025

CVE, Research URL: CVE-2025-30775
Home page URL: Security reports for WP Guppy Lite – A live chat plugin for WordPress
Application: WP Guppy Lite – A live chat plugin for WordPress
Date: Mar 27, 2025
Research Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AmentoTech Private Limited WPGuppy allows SQL Injection. This issue affects WPGuppy: from n/a through 1.1.3.
Affected versions: max 1.1.4.
Status: vulnerable

Nov 11, 2025

CVE, Research URL: CVE-2025-49910
Home page URL: Security reports for WP Guppy Lite – A live chat plugin for WordPress
Application: WP Guppy Lite – A live chat plugin for WordPress
Date: Oct 22, 2025
Research Description: Missing Authorization vulnerability in AmentoTech Private Limited WPGuppy wpguppy-lite allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPGuppy: from n/a through <= 1.1.4.
Affected versions: max 1.1.4.
Status: vulnerable