Approved changes feed: RSS · Atom

cpe:2.3:a:plugin-planet:simple_ajax_chat:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorPlugin Planet (ae238b55-711f-5cfd-98e7-d618431f08aa)
ProductSimple Ajax Chat (f699b2ae-b387-59b9-9776-733f3b794226)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/wp-plugins/simple-ajax-chat purl2cpe 2026-06-01 10:15:15.894117
pkg:github/wpplugins/simple-ajax-chat purl2cpe 2026-06-01 10:15:15.894121

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-2470 vulnerable 2026-06-08 06:33:31.184110 Simple Ajax Chat < 20240412 - Admin+ Stored XSS
The Simple Ajax Chat WordPress plugin before 20240412 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Published: 2024-06-04T06:00:02.220Z
Updated: 2026-01-09T21:31:21.626Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.