cleantalk
Vulnerabilities and Security Researches

Community Lite Video Chat, ba5004a0eabc32b9470115e736d8f49c11d78fee

CVE, Research URL

ba5004a0eabc32b9470115e736d8f49c11d78fee

Home page URL

Security reports for Community Lite Video Chat

Application

Community Lite Video Chat

Published on
Jul 07, 2014
Research Description
Community Lite Video Chat [avchat-3] < 1.4.2 (closed) Community Lite Video Chat < 1.4.2 - Reflected Cross-Site Scripting The Community Lite Video Chat plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘FB_appId’ and ‘movie_param’ parameters in versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions
max 1.4.2.
Status
vulnerable
Previous vulnerability researches
Community Lite Video Chat (fce99c82-3958-4c17-88d3-6e8fa1a11e59) , Jun 16, 2026
Community Lite Video Chat (ba5004a0eabc32b9470115e736d8f49c11d78fee) , Jun 16, 2026
Community Lite Video Chat (12108f2d6b7cdd384ce360bc60e3cf6c2dcb247d) , Jun 06, 2024
Community Lite Video Chat (CVE-2024-49605) , Oct 22, 2024
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026