浏览 52+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-11762 | HubSpot All-In-One Marketing - Forms, Popups, Live Chat <= 11.3.32 - Missing Authorization to Authenticated (Contributor+) Installed Plugin Disclosure | hubspotdev | HubSpot All-In-One Marketing – Forms, Popups, Live Chat | Medium | 4.3 | 2026-04-24 07:45:07 | Deep Dive |
| CVE-2025-12448 | Smartsupp – live chat, AI shopping assistant and chatbots <= 3.9.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting | smartsupp | Smartsupp – live chat, AI shopping assistant and chatbots | Medium | 6.4 | 2026-02-19 03:25:12 | Deep Dive |
| CVE-2020-37106 | Business Live Chat Software 1.0 - Cross-Site Request Forgery (Add Admin) | Bdtask | Business Live Chat Software | Medium | 5.3 | 2026-02-06 23:14:05 | Deep Dive |
| CVE-2025-14154 | Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.10.2 - Unauthenticated Stored Cross-Site Scripting | wordplus | Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private Messages | Medium | 6.1 | 2025-12-17 05:24:55 | Deep Dive |
| CVE-2025-12751 | WSChat – WordPress Live Chat <= 3.1.6 - Missing Authorization to Authenticated (Subscriber+) Settings Reset | elextensions | WSChat – WordPress Live Chat | Medium | 4.3 | 2025-11-19 05:45:11 | Deep Dive |
| CVE-2025-11829 | Five9 Live Chat <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | five9 | Five9 Live Chat | Medium | 6.4 | 2025-11-11 03:30:35 | Deep Dive |
| CVE-2025-11576 | AI Chatbot Free Models – Customer Support, Live Chat, Virtual Assistant <= 1.6.5 - Unauthenticated CSV Injection | newcodebyte | AI Chatbot Free Models – Customer Support, Live Chat, Virtual Assistant | Medium | 4.3 | 2025-10-24 12:29:57 | Deep Dive |
| CVE-2025-8349 | Cross-Site Scripting (XSS) stored in Tawk Live Chat | Tawk | Live Chat | - | - | 2025-10-20 09:56:04 | Deep Dive |
| CVE-2025-57912 | WordPress Dialogity Free Live Chat plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability | dialogity | Dialogity Free Live Chat | Medium | 5.9 | 2025-09-22 18:25:19 | Deep Dive |
| CVE-2025-58688 | WordPress Casengo Live Chat Support Plugin <= 2.1.4 - Cross Site Request Forgery (CSRF) Vulnerability | Casengo | Casengo Live Chat Support | High | 7.1 | 2025-09-22 18:22:42 | Deep Dive |
| CVE-2025-58626 | WordPress RumbleTalk Live Group Chat Plugin <= 6.3.5 - Cross Site Scripting (XSS) Vulnerability | RumbleTalk | RumbleTalk Live Group Chat | Medium | 6.5 | 2025-09-03 14:36:53 | Deep Dive |
| CVE-2025-24735 | WordPress Chatra Live Chat + ChatBot + Cart Saver plugin <= 1.0.11 - Cross Site Scripting (XSS) Vulnerability | Chatra | Chatra Live Chat + ChatBot + Cart Saver | Medium | 5.9 | 2025-07-04 08:42:05 | Deep Dive |
| CVE-2025-30977 | WordPress Chaport <= 1.1.6 - Cross Site Scripting (XSS) Vulnerability | Chaport Live Chat | Chaport | Medium | 5.9 | 2025-06-06 12:54:07 | Deep Dive |
| CVE-2025-5018 | Hive Support <= 1.2.5 - Authenticated (Subscriber+) Missing Authorization via hs_update_ai_chat_settings and hive_lite_support_get_all_binbox | hivesupport | Hive Support | AI-Powered Help Desk, Live Chat and Chatbot | High | 7.1 | 2025-06-06 06:42:51 | Deep Dive |
| CVE-2025-5019 | Hive Support <= 1.2.5 - Cross-Site Request Forgery via hs_update_ai_chat_settings Function | hivesupport | Hive Support | AI-Powered Help Desk, Live Chat and Chatbot | Medium | 5.4 | 2025-06-06 06:42:49 | Deep Dive |
| CVE-2025-46498 | WordPress Zalo Official Live Chat plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability | nghialuu | Zalo Official Live Chat | Medium | 5.4 | 2025-04-24 16:09:28 | Deep Dive |
| CVE-2025-31383 | WordPress FrescoChat Live Chat plugin <= 3.2.6 - CSRF to Stored XSS vulnerability | sodena | FrescoChat Live Chat | High | 7.1 | 2025-04-09 16:13:34 | Deep Dive |
| CVE-2025-32624 | WordPress Czater.pl – live chat i telefon plugin <= 1.0.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerability | czater | Czater.pl – live chat i telefon | High | 7.1 | 2025-04-09 16:09:25 | Deep Dive |
| CVE-2025-26542 | WordPress Zalo Live Chat Plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability | Dang Ngoc Binh | Zalo Live Chat | High | 7.1 | 2025-03-26 14:24:19 | Deep Dive |
| CVE-2024-13697 | Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.7.4 - Unauthenticated Limited Server-Side Request Forgery in nice_links | wordplus | Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private Messages | Medium | 4.8 | 2025-03-01 08:23:21 | Deep Dive |