CVE-2019-25737

HIGH SEVERITY

CVSS Score & Metrics

Base Score

7.2 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N                                    

Vulnerability Description

Live Chat Unlimited 2.8.3 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the chat input field. Attackers can submit payloads containing script tags and event handlers that execute in the admin area, enabling cookie theft or forced redirects to malicious websites.

Vulnerability Details

Published Date

June 04, 2026

Last Modified

June 05, 2026

CWE ID

CWE-79

Source

NVD

Vendor

Screets

Product

Live Chat Unlimited

External References

https://codecanyon.net/item/wordpress-live-chat-plugin/3952877
https://screets.com/
https://www.exploit-db.com/exploits/47037
https://www.vulncheck.com/advisories/live-chat-unlimited-stored-cross-site-scripting

CVE-2019-25737

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment