cleantalk
Vulnerabilities and Security Researches

Simple Ajax Chat – Add a Fast, Secure Chat Box, CVE-2024-2470

CVE, Research URL

CVE-2024-2470

Home page URL

Security reports for Simple Ajax Chat – Add a Fast, Secure Chat Box

Application

Simple Ajax Chat – Add a Fast, Secure Chat Box

Published on
Jun 04, 2024
Research Description
The Simple Ajax Chat WordPress plugin before 20240412 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions
max 20240412.
Status
vulnerable
Previous vulnerability researches
Simple Ajax Chat – Add a Fast, Secure Chat Box (CVE-2024-2470) , Jun 07, 2024
Simple Ajax Chat – Add a Fast, Secure Chat Box (CVE-2022-25610) , Jun 07, 2024
Simple Ajax Chat – Add a Fast, Secure Chat Box (CVE-2024-1983) , Jun 07, 2024
Simple Ajax Chat – Add a Fast, Secure Chat Box (CVE-2024-2956) , Jun 07, 2024
Simple Ajax Chat – Add a Fast, Secure Chat Box (CVE-2022-27849) , Jun 07, 2024
New vulnerability
AMP Enhancer – Compatibility Layer for Official AMP Plugin (CVE-2026-2027) , Apr 16, 2026
WaveSurfer-WP (CVE-2026-1909) , Apr 16, 2026
xmlrpc attacks blocker (CVE-2026-2502) , Apr 16, 2026
Templately – Gutenberg & Elementor Template Library: 5000+ Free & Pro Ready Templates & Cloud! (CVE-2026-0831) , Apr 16, 2026
iRobots.txt SEO (CVE-2025-68840) , Apr 16, 2026