Medium severity5.4NVD Advisory· Published May 30, 2022· Updated Jun 17, 2026
CVE-2022-0642
CVE-2022-0642
Description
The JivoChat Live Chat WordPress plugin before 1.3.5.4 does not properly check CSRF tokens on POST requests to the plugins admin page, and does not sanitise some parameters, leading to a stored Cross-Site Scripting vulnerability where an attacker can trick a logged in administrator to inject arbitrary javascript.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/JivoChat Live Chat WordPress plugindescription
- Range: <1.3.5.4
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/099cf9b4-0b3a-43c6-8ca9-7c2d50f86425nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.