VYPR

Wise Chat

by WordPress

Source repositories

CVEs (4)

  • CVE-2025-3774HigJun 17, 2025
    risk 0.47cvss 7.2epss 0.00

    The Wise Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the X-Forwarded-For header in all versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject…

  • CVE-2024-13613HigMay 17, 2025
    risk 0.42cvss 7.5epss 0.00

    The Wise Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.3 via the 'uploads' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads…

  • CVE-2019-6780MedJan 24, 2019
    risk 0.36cvss 6.1epss 0.05

    The Wise Chat plugin before 2.7 for WordPress mishandles external links because rendering/filters/post/WiseChatLinksPostFilter.php omits noopener and noreferrer.

  • CVE-2023-32504MedNov 18, 2023
    risk 0.35cvss 5.4epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Kainex Wise Chat.This issue affects Wise Chat: from n/a through 3.1.3.