Vulnerabilities > Iflychat > Iflychat > 1.1.9

DATE CVE VULNERABILITY TITLE RISK
2024-03-31 CVE-2024-31108 Cross-site Scripting vulnerability in Iflychat
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iFlyChat Team iFlyChat – WordPress Chat iflychat allows Stored XSS.This issue affects iFlyChat – WordPress Chat: from n/a through 4.7.2.
network
low complexity
iflychat CWE-79
5.4
5.4
2021-06-07 CVE-2021-24343 Cross-site Scripting vulnerability in Iflychat
The iFlyChat WordPress plugin before 4.7.0 does not sanitise its APP ID setting before outputting it back in the page, leading to an authenticated Stored Cross-Site Scripting issue
network
low complexity
iflychat CWE-79
4.8
4.8