Vulnerabilities > CVE-2023-51370 - Unspecified vulnerability in Ninjateam WP Chat APP

CVSS 4.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

ninjateam

NVD

Published: 2024-02-12

Updated: 2024-10-10

Summary

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NinjaTeam WP Chat App allows Stored XSS.This issue affects WP Chat App: from n/a through 3.4.4.

Vulnerable Configurations

Part	Description	Count
Application	Ninjateam Ninjateam WP Chat APP - Ninjateam WP Chat APP 2.6 Ninjateam WP Chat APP 3.4 Ninjateam WP Chat APP 3.4.1 Ninjateam WP Chat APP 3.4.2 Ninjateam WP Chat APP 3.4.4	6

References

https://patchstack.com/database/vulnerability/wp-whatsapp/wordpress-wp-chat-app-plugin-3-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve