Collectchat

CVEs (3)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2024-30436	WordPress Collectchat	Med	0.42	6.5	0.00	Mar 29, 2024	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Collect.Chat Inc. Collectchat allows Stored XSS.This issue affects Collectchat: from n/a through 2.4.1.
CVE-2026-40765	WordPress Collectchat		0.00	—	—	Jun 17, 2026	Unauthenticated Cross Site Scripting (XSS) in collectchat <= 2.4.9 versions.
CVE-2023-5691	WordPress Collectchat		0.00	—	0.00	Jan 11, 2024	The Chatbot for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in version 2.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions…

CVE-2024-30436MedMar 29, 2024
WordPress
Collectchat
risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Collect.Chat Inc. Collectchat allows Stored XSS.This issue affects Collectchat: from n/a through 2.4.1.
CVE-2026-40765Jun 17, 2026
WordPress
Collectchat
risk 0.00cvss —epss —
Unauthenticated Cross Site Scripting (XSS) in collectchat <= 2.4.9 versions.
CVE-2023-5691Jan 11, 2024
WordPress
Collectchat
risk 0.00cvss —epss 0.00
The Chatbot for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in version 2.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions…