cleantalk
Vulnerabilities and Security Researches

Author Chat, a94210f52a48951e6bf6f22babe49cbbd70dd753

CVE, Research URL

a94210f52a48951e6bf6f22babe49cbbd70dd753

Home page URL

Security reports for Author Chat

Application

Author Chat

Published on
Jun 26, 2019
Research Description
Author Chat [author-chat] < 2.0.0 (closed) Author Chat <= 1.9.0 - SQL Injection The Author Char plugin for WordPress is vulnerable to generic SQL Injection in versions up to, and including, 1.9.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Affected versions
max 2.0.0.
Status
vulnerable
Previous vulnerability researches
WPvivid Backup for MainWP (ec00cf2f6a6757dc3371250c1689bf0e482f89f9) , Jun 16, 2026
WPvivid Backup for MainWP (2c3fbbc425bd92d0f969e669e6a4b8564997aa02) , Jun 16, 2026
WPvivid Backup for MainWP (CVE-2024-35664) , Jun 06, 2024
WPvivid Backup for MainWP (CVE-2024-1383) , Jun 06, 2024
New vulnerability
Education Addon for Elementor (89e7cec953a3acfa93afdb12f1c8bed3138a18b0) , Jun 16, 2026
Education Addon for Elementor (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
StreamCast &#8211; Radio Player for WordPress (0d7595c0f0dffd5e6f4a7c77143d581cc46240b4) , Jun 16, 2026
StreamCast &#8211; Radio Player for WordPress (d57d3b30ff17cef716e0a207565fd8c9fc926130) , Jun 16, 2026
StreamCast &#8211; Radio Player for WordPress (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026