CVE-2025-3774 | Wise Chat Plugin up to 3.3.4 on WordPress Header X-Forwarded-For cross site scripting

Inserito da Angelo Barbosa | Giu 16, 2025 | CVE

A vulnerability, which was classified as problematic, was found in Wise Chat Plugin up to 3.3.4 on WordPress. Affected is an unknown function of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to cross site scripting.

This vulnerability is traded as CVE-2025-3774. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-3774 | Wise Chat Plugin up to 3.3.4 on WordPress Header X-Forwarded-For cross site scripting

Post correlati

CVE-2024-6141 | WindScribe path traversal

CVE-2024-13685 | Admin and Site Enhancements Plugin up to 7.6.9 on WordPress Login authentication spoofing

CVE-2023-46842 | Xen 4.15.x/4.16.x/4.17.x/4.18.x x86 HVM Hypercall denial of service

CVE-2024-49615 | Henrique Rodrigues SafetyForms Plugin up to 1.0.0 on WordPress cross-site request forgery