When the unfiltered_html setting is enabled, user input is not sanitised and could be used to perform Stored Cross-Site Scripting attacks.

When the unfiltered_html setting is enabled, user input is not sanitised and could be used to perform Stored Cross-Site Scripting attacks. Retain Live Chat plugin through 0.1 does not properly escape data sent from client to server, which could lead to XSS attacks.

Retain Live Chat plugin through 0.1 does not properly escape data sent from client to server, which could lead to XSS attacks. Retain Live Chat plugin through 0.1 does not properly sanitise some of its configuration settings.

Retain Live Chat plugin through 0.1 does not properly sanitise some of its configuration settings. Retain Live Chat plugin through 0.1 does not properly validate its input before sending it to the server, which could lead to XSS attacks.

Retain Live Chat plugin through 0.1 does not properly validate its input before sending it to the server, which could lead to XSS attacks. Retain Live Chat plugin through 0.1 does not properly sanitise user-provided data before sending it to the server, which could lead to XSS attacks.

Retain Live Chat plugin through 0.1 does not properly sanitise user-provided data before sending it to the server, which could lead to XSS

How to find the versions affected back to top

1.4.1 Retain Live Chat plugin through 0.2

When the unfiltered_html setting is enabled, user input is not sanitised and could be used to perform Stored Cross-Site Scripting attacks.

When the unfiltered_html setting is enabled, user input is not sanitised and could be used to perform Stored Cross-Site Scripting attacks. Retain Live Chat plugin through 0.2 does not properly validate its input before sending it to the server, which could lead to XSS attacks.

Retain Live Chat plugin through 0.2 does not properly validate its input before sending it to the server, which could lead to XSS attacks. Retain Live Chat plugin through 0.2 does not properly sanitise some of its configuration settings.

Retain Live Chat plugin through 0.2 does not properly sanitise some of its configuration settings. Retain Live Chat plugin through 0.2 does not properly validate user-supplied data before sending it to the server, which could lead to XSS attacks

Retain Live Chat plugin through 0.2

Retain Live Chat plugin through 0.2 properly sanitises user-provided data before sending it to the server, which could lead to XSS attacks.

Timeline

Published on: 10/25/2022 17:15:00 UTC
Last modified on: 10/26/2022 01:44:00 UTC

References