cbcvebase.

Jeff Starr Simple Ajax Chat vulnerabilities

4 known vulnerabilities affecting jeff_starr/simple_ajax_chat.

Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2022-27849P3HIGHCVSS 7.5PoC≤ 202201152022-04-15
CVE-2022-27849 [HIGH] CWE-200 CVE-2022-27849: Sensitive Information Disclosure (sac-export.csv) in Simple Ajax Chat (WordPress plugin) <= 20220115 Sensitive Information Disclosure (sac-export.csv) in Simple Ajax Chat (WordPress plugin) <= 20220115
nvd
CVE-2026-3075P4MEDIUMCVSS 5.3≤ 202511212026-02-23
CVE-2026-3075 [MEDIUM] CWE-497 CVE-2026-3075: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Sta Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Starr Simple Ajax Chat simple-ajax-chat allows Retrieve Embedded Sensitive Data.This issue affects Simple Ajax Chat: from n/a through <= 20251121.
nvd
CVE-2022-25610P4MEDIUMCVSS 6.1≤ 202201152022-03-25
CVE-2022-25610 [MEDIUM] CWE-79 CVE-2022-25610: Unauthenticated Stored Cross-Site Scripting (XSS) in Simple Ajax Chat <= 20220115 allows an attacker Unauthenticated Stored Cross-Site Scripting (XSS) in Simple Ajax Chat <= 20220115 allows an attacker to store the malicious code. However, the attack requires specific conditions, making it hard to exploit.
nvd
CVE-2022-27850P4MEDIUMCVSS 4.3≤ 202201152022-04-15
CVE-2022-27850 [MEDIUM] CWE-352 CVE-2022-27850: Cross-Site Request Forgery (CSRF) in Simple Ajax Chat (WordPress plugin) <= 20220115 allows an attac Cross-Site Request Forgery (CSRF) in Simple Ajax Chat (WordPress plugin) <= 20220115 allows an attacker to clear the chat log or delete a chat message.
nvd
Jeff Starr Simple Ajax Chat vulnerabilities | cvebase