Tidio – Live Chat & AI Chatbots, d4067348-a597-40bc-8ec8-a751efde353a
- CVE, Research URL
- Home page URL
- Application
- Published on
- -
- Research Description
- Tidio – Live Chat & AI Chatbots [tidio-live-chat] < 4.2.0 Tidio Live Chat <= 4.1.0 - CSRF to Stored XSS A CSRF vulnerability in the Tidio Live Chat WordPress Plugin <= 4.1.0 allows attackers to trick admins into adding a Stored XSS payload presented to all visitors. Fixed in 4.2.0.
- Affected versions
-
max 4.2.0.
- Status
-
vulnerable