Threat Post

WordPress WP Live Chat Support Plugin Fixes XSS Flaw

A cross-site scripting flaw in a popular WordPress plugin enables an unauthenticated attacker to insert JavaScript payloads into impacted websites. For the second time this month a patch has been ...
Bleeping Computer

WordPress Chat Plugin Bug Lets Hackers Inject Text, Steal Logs

Admins of websites with WP Live Chat Support for Wordpress installations should immediately update the plugin to version 8.0.33 or later to patch a critical authentication bypass which can be ...
TechRadar

Critical flaw in WordPress live chat discovered

Security researchers have discovered a critical flaw in WordPress Live Chat Support which can be exploited by an attacker without the need for valid credentials. Over 50,000 websites have installed ...