Vulnerability Details CVE-2024-49281
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Ninja Team Click to Chat – WP Support All-in-One Floating Widget support-chat allows Stored XSS.This issue affects Click to Chat – WP Support All-in-One Floating Widget: from n/a through <= 2.3.3.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 68.0%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2024-49281
-
cpe:2.3:a:ninjateam:click_to_chat:-
-
cpe:2.3:a:ninjateam:click_to_chat:1.2.2
-
cpe:2.3:a:ninjateam:click_to_chat:2.0
-
cpe:2.3:a:ninjateam:click_to_chat:2.1
-
cpe:2.3:a:ninjateam:click_to_chat:2.2
-
cpe:2.3:a:ninjateam:click_to_chat:2.3
-
cpe:2.3:a:ninjateam:click_to_chat:2.3.1
-
cpe:2.3:a:ninjateam:click_to_chat:2.3.2
-
cpe:2.3:a:ninjateam:click_to_chat:2.3.3