Jeff Starr Simple Ajax Chat vulnerabilities
4 known vulnerabilities affecting jeff_starr/simple_ajax_chat.
Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2022-27849P3HIGHCVSS 7.5PoC≤ 202201152022-04-15
CVE-2022-27849 [HIGH] CWE-200 CVE-2022-27849: Sensitive Information Disclosure (sac-export.csv) in Simple Ajax Chat (WordPress plugin) <= 20220115
Sensitive Information Disclosure (sac-export.csv) in Simple Ajax Chat (WordPress plugin) <= 20220115
nvd
CVE-2026-3075P4MEDIUMCVSS 5.3≤ 202511212026-02-23
CVE-2026-3075 [MEDIUM] CWE-497 CVE-2026-3075: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Sta
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Starr Simple Ajax Chat simple-ajax-chat allows Retrieve Embedded Sensitive Data.This issue affects Simple Ajax Chat: from n/a through <= 20251121.
nvd
CVE-2022-25610P4MEDIUMCVSS 6.1≤ 202201152022-03-25
CVE-2022-25610 [MEDIUM] CWE-79 CVE-2022-25610: Unauthenticated Stored Cross-Site Scripting (XSS) in Simple Ajax Chat <= 20220115 allows an attacker
Unauthenticated Stored Cross-Site Scripting (XSS) in Simple Ajax Chat <= 20220115 allows an attacker to store the malicious code. However, the attack requires specific conditions, making it hard to exploit.
nvd
CVE-2022-27850P4MEDIUMCVSS 4.3≤ 202201152022-04-15
CVE-2022-27850 [MEDIUM] CWE-352 CVE-2022-27850: Cross-Site Request Forgery (CSRF) in Simple Ajax Chat (WordPress plugin) <= 20220115 allows an attac
Cross-Site Request Forgery (CSRF) in Simple Ajax Chat (WordPress plugin) <= 20220115 allows an attacker to clear the chat log or delete a chat message.
nvd