Description
WordPress Plugin The Official Facebook Chat is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently update plugin's options and hook-up their own Facebook Messenger account and engage in chats with site visitors. WordPress Plugin The Official Facebook Chat version 1.5 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.6 or latest
References
Related Vulnerabilities
WordPress Plugin Caret Country Access Limit Cross-Site Scripting (1.0.1)
WordPress Plugin My Calendar Cross-Site Scripting (2.5.16)
WordPress Plugin Request a Quote Cross-Site Scripting (2.3.3)
WordPress Plugin WordPress Photo Gallery by Gallery Bank SQL Injection (3.0.229)
WordPress Plugin Advanced Custom Fields (ACF) Multiple Security Bypass Vulnerabilities (5.10.2)