cleantalk
Vulnerabilities and Security Researches

Zalo Official Live Chat, CVE-2025-46498

CVE, Research URL

CVE-2025-46498

Home page URL

Security reports for Zalo Official Live Chat

Application

Zalo Official Live Chat

Published on
Apr 24, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in nghialuu Zalo Official Live Chat allows Cross Site Request Forgery. This issue affects Zalo Official Live Chat: from n/a through 1.0.0.
Affected versions
Min -, max 1.0.0.
Status
vulnerable
Previous vulnerability researches
Giveaway Boost (CVE-2024-49332) , Oct 20, 2024
New vulnerability
Control Listings – Classifieds Ads Directory Portal Manager (CVE-2025-46234) , Apr 26, 2025
WordPress Tooltip (CVE-2025-46532) , Apr 26, 2025
Business Contact Widget (CVE-2025-46529) , Apr 26, 2025
Drop Caps (CVE-2025-46495) , Apr 26, 2025
WpZon – Amazon Affiliate Plugin (CVE-2025-46506) , Apr 26, 2025