Security News

Cybersecurity news aggregator

🔓
MEDIUM Vulnerabilities NIST NVD

CVE-2025-14316: The AhaChat Messenger Marketing WordPress plugin through 1.1 does not sanitise and escape a paramete...

cve-2025-14316ahachatwordpress-pluginreflected-xsscross-site-scripting
The AhaChat Messenger Marketing WordPress plugin through version 1.1 is vulnerable to Reflected Cross-Site Scripting (XSS). The plugin does not properly sanitize a parameter before outputting it, potentially allowing attackers to inject malicious scripts and target high-privilege users like administrators.
Read Full Article →

The AhaChat Messenger Marketing WordPress plugin through 1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

Related Articles

MEDIUM Reflected XSS in Operation Center Fortinet PSIRT MEDIUM CVE-2026-1429: Single Sign-On Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerabil... NIST NVD MEDIUM Wordfence Intelligence Weekly WordPress Vulnerability Report (January 26, 2026 to February 1, 2026) Wordfence MEDIUM CVE-2025-14973: The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter ... NIST NVD
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn