cleantalk
Vulnerabilities and Security Researches

Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty, CVE-2021-36846

CVE, Research URL

CVE-2021-36846

Home page URL

Security reports for Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty

Application

Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty

Published on
Apr 12, 2022
Research Description
Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Premio Chaty (WordPress plugin) <= 2.8.3
Affected versions
Min -, max 2.8.5.
Status
vulnerable
Previous vulnerability researches
Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty (CVE-2025-1450) , Feb 28, 2025
Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty (CVE-2021-36846) , Jun 07, 2024
Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty (CVE-2024-2972) , Jun 07, 2024
Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty (CVE-2021-25016) , Jun 07, 2024
Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty (CVE-2022-3858) , Jun 07, 2024
New vulnerability
Printcart Web to Print Product Designer for WooCommerce (CVE-2025-47641) , May 20, 2025
Formality (CVE-2025-3858) , May 20, 2025
PowerPress Podcasting plugin by Blubrry (CVE-2024-9227) , May 19, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental &#8211; eaSYNC (CVE-2024-9450) , May 19, 2025
PWA for WP &amp; AMP (CVE-2024-7759) , May 19, 2025