cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-12464,https://securityvulnerability.io/vulnerability/CVE-2024-12464,Stored Cross-Site Scripting Vulnerability in Chatroll Live Chat Plugin for WordPress,"The Chatroll Live Chat plugin for WordPress has a vulnerability that allows authenticated users with contributor-level access to inject malicious web scripts via the 'chatroll' shortcode. This occurs due to inadequate input sanitization and output escaping on user-supplied attributes, leading to the execution of scripts when a user accesses the compromised page. All versions of the plugin up to and including 2.5.0 are affected, posing significant security risks to WordPress installations.",Wordpress,Chatroll Live Chat,6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-01-07T05:23:55.106Z,0