| CVE-2025-39560 | WordPress Live Forms plugin <= 4.8.4 - Broken Access Control vulnerability | Shahjada | Live Forms | Medium | 5.4 | 2025-04-16 12:44:34 | Deep Dive |
| CVE-2025-31383 | WordPress FrescoChat Live Chat plugin <= 3.2.6 - CSRF to Stored XSS vulnerability | sodena | FrescoChat Live Chat | High | 7.1 | 2025-04-09 16:13:34 | Deep Dive |
| CVE-2025-32480 | WordPress Windows Live Writer plugin <= 0.1 - CSRF to Stored XSS vulnerability | dalziel | Windows Live Writer | High | 7.1 | 2025-04-09 16:09:54 | Deep Dive |
| CVE-2025-32624 | WordPress Czater.pl – live chat i telefon plugin <= 1.0.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerability | czater | Czater.pl – live chat i telefon | High | 7.1 | 2025-04-09 16:09:25 | Deep Dive |
| CVE-2025-32279 | WordPress Live Forms plugin <= 4.8.5 - Broken Access Control vulnerability | Shahjada | Live Forms | Medium | 4.3 | 2025-04-08 16:59:35 | Deep Dive |
| CVE-2025-31597 | WordPress Ultimate Live Cricket WordPress Lite plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability | crazycric | Ultimate Live Cricket WordPress Lite | Medium | 6.5 | 2025-03-31 12:55:33 | Deep Dive |
| CVE-2025-30809 | WordPress WordPress Contact Form, Drag and Drop Form Builder Plugin – Live Forms plugin <= 4.8.4 - Settings Change vulnerability | Shahjada | Live Forms | Medium | 5.4 | 2025-03-27 10:54:58 | Deep Dive |
| CVE-2025-26542 | WordPress Zalo Live Chat Plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability | Dang Ngoc Binh | Zalo Live Chat | High | 7.1 | 2025-03-26 14:24:19 | Deep Dive |
| CVE-2024-13697 | Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.7.4 - Unauthenticated Limited Server-Side Request Forgery in nice_links | wordplus | Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private Messages | Medium | 4.8 | 2025-03-01 08:23:21 | Deep Dive |
| CVE-2024-13611 | Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.6.9 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory | wordplus | Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private Messages | High | 7.5 | 2025-03-01 08:23:20 | Deep Dive |
| CVE-2025-26753 | WordPress VideoWhisper Live Streaming Integration plugin <= 6.2 - Arbitrary File Download vulnerability | videowhisper | Broadcast Live Video | High | 7.5 | 2025-02-25 14:17:50 | Deep Dive |
| CVE-2025-26752 | WordPress VideoWhisper Live Streaming Integration plugin <= 6.2 - Arbitrary File Deletion vulnerability | videowhisper | Broadcast Live Video | High | 8.6 | 2025-02-25 14:17:50 | Deep Dive |
| CVE-2025-27327 | WordPress Live Streaming Video Player – by SRS Player plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability | Winlin | Live Streaming Video Player – by SRS Player | Medium | 6.5 | 2025-02-24 14:49:06 | Deep Dive |
| CVE-2024-13736 | Pure Chat – Live Chat & More! <= 2.4 - Reflected Cross-Site Scripting via purechatWidgetName Parameter | pure-chat | Pure Chat – Live Chat & More! | Medium | 6.1 | 2025-02-19 07:32:14 | Deep Dive |
| CVE-2025-0822 | Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Subscriber+) Arbitrary File Read via fileID Parameter | bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist | Medium | 6.5 | 2025-02-15 12:43:03 | Deep Dive |
| CVE-2025-23474 | WordPress Live Dashboard plugin <= 0.3.3 - Reflected Cross Site Scripting (XSS) vulnerability | Mike Martel | Live Dashboard | High | 7.1 | 2025-02-14 12:44:28 | Deep Dive |
| CVE-2025-0821 | Bit Assist <= 1.5.2 - Authenticated (Subscriber+) SQL Injection via id Parameter | bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist | Medium | 6.5 | 2025-02-14 11:10:58 | Deep Dive |
| CVE-2024-13791 | Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Administrator+) Arbitrary File Read via downloadResponseFile Function | bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist | Medium | 4.9 | 2025-02-14 11:10:58 | Deep Dive |
| CVE-2025-1116 | Dreamvention Live AJAX Search Free live_search.searchresults search sql injection | Dreamvention | Live AJAX Search Free | High | 7.3 | 2025-02-08 12:00:15 | Deep Dive |
| CVE-2024-13612 | Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wordplus | Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private Messages | Medium | 6.4 | 2025-02-01 12:21:31 | Deep Dive |