Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin WP-Live Chat by 3CX Security Bypass - CVE-2019-12498 - Vulnerability Database
WP Plugin Wp Live Chat Support

WordPress Plugin WP-Live Chat by 3CX Security Bypass - CVE-2019-12498

High
Reference: CVE-2019-12498
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2019-12498
Title: WordPress Plugin WP-Live Chat by 3CX Security Bypass
Overview:

WordPress Plugin WP-Live Chat by 3CX is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently gain access to the REST API functionality without valid credentials enabling exfiltration of chat logs and the ability to manipulate chat sessions. WordPress Plugin WP-Live Chat by 3CX version 8.0.32 is vulnerable prior versions may also be affected.