VYPR

iFlyChat

by WordPress

CVEs (2)

  • CVE-2024-31108MedMar 31, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iFlyChat Team iFlyChat – WordPress Chat iflychat allows Stored XSS.This issue affects iFlyChat – WordPress Chat: from n/a through 4.7.2.

  • CVE-2021-24343MedJun 7, 2021
    risk 0.31cvss 4.8epss 0.01

    The iFlyChat WordPress plugin before 4.7.0 does not sanitise its APP ID setting before outputting it back in the page, leading to an authenticated Stored Cross-Site Scripting issue