Vulnerabilities > 3CX > Live Chat > 2.4

DATE CVE VULNERABILITY TITLE RISK
2018-04-09 CVE-2018-9864 Cross-site Scripting vulnerability in 3CX Live Chat
The WP Live Chat Support plugin before 8.0.06 for WordPress has stored XSS via the Name field.
network
low complexity
3cx CWE-79
6.1
6.1
2017-06-09 CVE-2017-2187 Cross-site Scripting vulnerability in 3CX Live Chat
Cross-site scripting vulnerability in WP Live Chat Support prior to version 7.0.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
3cx CWE-79
6.1
6.1