CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-6498

The Chatbot for WordPress by Collect.chat ⚡️ WordPress plugin before 2.4.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 4.4%

CVSS Severity

CVSS v3 Score 4.8

References

https://wpscan.com/vulnerability/eed58889-4be8-48df-9ef6-269df451e79e/

Products affected by CVE-2024-6498

Micro.company » Collect.chat » Version: N/A

cpe:2.3:a:micro.company:collect.chat:-
Micro.company » Collect.chat » Version: 1.0.0

cpe:2.3:a:micro.company:collect.chat:1.0.0
Micro.company » Collect.chat » Version: 2.0.0

cpe:2.3:a:micro.company:collect.chat:2.0.0
Micro.company » Collect.chat » Version: 2.0.5

cpe:2.3:a:micro.company:collect.chat:2.0.5
Micro.company » Collect.chat » Version: 2.4.0

cpe:2.3:a:micro.company:collect.chat:2.4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-6498

Products

Pricing

Contact Us