WP Live Chat Support 8.0.05 – Stored XSS

Info

Product: WP Live Chat Support
Version: 8.0.05
Active installations: 50,000+
Product page: https://wordpress.org/plugins/wp-live-chat-support/
CVE: 2018-9864

1. Description

An unauthenticated user could inject arbitrary JavaScript code into the admin panel through the Name text field of WP Live Chat Support. A single input point made it possible to inject JavaScript code into two different output points of the admin panel. There were two issues in the external JavaScript file bleeper-agent-dev.js:

- the function bleeper_strip_tags filtered closed tags only, so it could be bypassed with an unclosed tag
- the variable chatInfoArea-Name was not escaped

This vulnerability has been fixed in all versions of the plugin without an update because bleeper-agent-dev.js is an external file and the developer has updated it. ...

April 8, 2018 · 2 min · 340 words · Luigi Gubello

Bookly #1 WordPress Booking Plugin (Lite) 13.2 – Blind Stored XSS

Info

Product: Bookly #1 WordPress Booking Plugin (Lite Version)
Version: 13.2
Active installations: 10,000+
Product page: https://wordpress.org/plugins/bookly-responsive-appointment-booking-tool/
CVE: 2018-6891

Description

An unauthenticated user can inject arbitrary persistent JavaScript code into the admin panel.

Proof of Concept

Bookly Lite 13.2 and Bookly Pro 14.5 are affected, and probably earlier versions as well. I think the problem is that the jQuery.ajax request is not sanitized in ng-payment_details_dialog.js. [*] ...

February 9, 2018 · 1 min · 105 words · Luigi Gubello