VYPR
Vendor

Five9

Products
2
CVEs
5
Across products
5
Status
Private

Products

2

Recent CVEs

5
  • CVE-2018-15509CriMar 18, 2019
    risk 0.64cvss 9.8epss 0.02

    Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).

  • CVE-2018-15508HigMar 21, 2019
    risk 0.49cvss 7.5epss 0.02

    Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control allowing a remote attackers to cause a denial of service via opening a connection on port 8083 to a device running the Five9 SoftPhone(issue 1 of 2).

  • CVE-2025-11829MedNov 11, 2025
    risk 0.42cvss 6.4epss 0.00

    The Five9 Live Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'toolbar' attribute of the [five9-chat] shortcode in all versions up to, and including, 1.1.2. This is due to insufficient input sanitization and output escaping. This makes it possible…

  • CVE-2025-8349MedOct 20, 2025
    risk 0.34cvss epss 0.00

    Cross-site Scripting (XSS) stored vulnerability in Tawk Live Chat. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by uploading a malicious PDF with JavaScript payload through the chatbot. The PDF is stored by the application and…

  • CVE-2025-45960Jul 25, 2025
    risk 0.00cvss epss 0.00

    Cross Site Scripting vulnerability in tawk.to Live Chat v.1.6.1 allows a remote attacker to execute arbitrary code via the web application stores and displays user-supplied input without proper input validation or encoding