3CX Free Live Chat, Calls & Messaging

Vulnerabilities 29Slug wp-live-chat-supportLatest version 10.0.17WordPress.org →

Minimum safe version

9.4.3

Update to 9.4.3 or later to address 29 fixable vulnerabilities

Latest available10.0.17 ✓

N/A

< 4.4.0

WP Live Chat Support < 4.4.0 - Unauthenticated Blind SQL Injection

WPScan

N/A

< 6.2.04

WP Live Chat Support < 6.2.04 - Stored Cross-Site Scripting (XSS)

WPScan

N/A

< 8.0.08

WP Live Chat Support < 8.0.08 - Cross-Site Scripting (XSS)

WPScan

N/A

< 8.2.0

WP-Live Chat by 3CX < 8.2.0 - Authenticated Stored Cross-Site Scripting

WPScan

N/A

2015-07-06< 4.4.0

WP Live Chat Support <= 4.3.5 - Stored Cross-site Scripting

Wordfence

N/A

2015-07-06< 4.4.0

WP Live Chat Support <= 4.3.5 - Blind SQL Injection

Wordfence

N/A

2020-07-12< 8.2.0

WP Live Chat Support <= 8.1.9 - Stored Cross-Site Scripting

Wordfence

N/A

2022-04-28< 9.4.3

3CX Live Chat <= 9.4.2 - Local File Inclusion

Wordfence

N/A

2015-07-06< 4.4.0

WordPress Live Chat Support Plugin <= 4.3.5 - Unauthenticated Blind SQL Injection

Patchstack

N/A

2016-07-11< 6.2.02

WordPress Live Chat Support Plugin <= 6.2.01 - Stored Cross Site Scripting

Patchstack

N/A

2016-08-01< 6.2.04

WordPress Live Chat Support Plugin <= 6.2.03 - Stored Cross Site Scripting

Patchstack

N/A

2016-09-11< 6.2.04

WordPress WP Live Chat Support Plugin 6.2.03 - XSS

Patchstack

N/A

2017-07-30< 7.1.05

WordPress WP Live Chat Support plugin <=7.1.04 - Cross-Site Scripting (XSS) vulnerability

Patchstack

N/A

2018-04-09< 8.0.06

WordPress WP Live Chat Support plugin <=8.0.05 - Unauthenticated Stored XSS vulnerability

Patchstack

N/A

2018-05-17< 8.0.08

WordPress WP Live Chat Support plugin <=8.0.07 - Authenticated Cross-Site Scripting (XSS) vulnerability

Patchstack

N/A

2019-03-12< 8.0.18

WordPress WP Live Chat Support plugin <= 8.0.17 - Reflected Cross-Site Scripting (XSS) vulnerability

Patchstack

N/A

2019-05-21< 8.0.27

WordPress WP Live Chat Support plugin <= 8.0.26 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability

Patchstack

N/A

2020-07-12< 8.2.0

WordPress 3CX Live Chat plugin <= 8.1.9 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

Patchstack

Medium 6.1

2017-06-09< 7.0.07

CVE-2017-2187

CVE JVN Wordfence WPScan

Medium 6.1

2018-04-09< 8.0.06

CVE-2018-9864

CVE Wordfence WPScan

Medium 6.1

2018-07-02< 8.0.08

3CX Live Chat <= 8.0.07 - Cross-Site Scripting

Wordfence CVE

Medium 6.1

2018-10-18< 8.0.18

CVE-2018-18460

CVE Wordfence WPScan

Medium 6.1

2019-03-22< 8.0.18

WordPress WP Live Chat Support plugin <= 8.0.17 - Cross-Site Scripting (XSS) vulnerability

Patchstack CVE Wordfence

Medium 6.1

2019-08-12< 8.0.27

CVE-2019-14950

CVE Wordfence WPScan

Medium 6.1

2019-08-12< 6.2.04

CVE-2016-10879

CVE Wordfence WPScan

Medium 6.1

2019-08-12< 1.7.03

CVE-2017-18508

CVE Wordfence WPScan

Medium 6.1

2019-08-13< 7.1.05

CVE-2017-18507

CVE Wordfence WPScan

Medium 6.1

2019-08-22< 4.1.0

CVE-2014-10386

CVE Wordfence WPScan

Critical 9.8

2020-03-20< 8.0.33

CVE-2019-12498

CVE Wordfence WPScan