New Flaw in WordPress Live Chat Plugin Lets Hackers Steal and Hijack Sessions

Security researchers have been warning about a critical vulnerability they discovered in one of a popular WordPress Live Chat plugin, which, if exploited, could allow unauthorized remote attackers to steal chat logs or manipulate chat sessions.

The vulnerability, identified as CVE-2019-12498, resides in the “WP Live Chat Support” that is currently being used by over 50,000 businesses to

Comments

comments

Inline
us
Inline
us