Vulnerabilities > Plugin Planet > Simple Ajax Chat > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-04-15 CVE-2022-27849 Information Exposure vulnerability in Plugin-Planet Simple Ajax Chat
Sensitive Information Disclosure (sac-export.csv) in Simple Ajax Chat (WordPress plugin) <= 20220115
network
low complexity
plugin-planet CWE-200
5.0
2022-04-15 CVE-2022-27850 Cross-Site Request Forgery (CSRF) vulnerability in Plugin-Planet Simple Ajax Chat
Cross-Site Request Forgery (CSRF) in Simple Ajax Chat (WordPress plugin) <= 20220115 allows an attacker to clear the chat log or delete a chat message.
4.3
2022-03-25 CVE-2022-25610 Cross-site Scripting vulnerability in Plugin-Planet Simple Ajax Chat
Unauthenticated Stored Cross-Site Scripting (XSS) in Simple Ajax Chat <= 20220115 allows an attacker to store the malicious code.
network
low complexity
plugin-planet CWE-79
6.1