VYPR

Chaty Pro

by WordPress

CVEs (2)

  • CVE-2025-26776CriFeb 22, 2025
    risk 0.65cvss 10.0epss 0.01

    Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload a Web Shell to a Web Server. This issue affects Chaty Pro: from n/a through 3.3.3.

  • CVE-2021-25016MedJan 3, 2022
    risk 0.40cvss 6.1epss 0.02

    The Chaty WordPress plugin before 2.8.3 and Chaty Pro WordPress plugin before 2.8.2 do not sanitise and escape the search parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting