Description
WordPress Plugin WP-Live Chat by 3CX is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin WP-Live Chat by 3CX version 8.0.28 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 8.0.29 or latest
References
Related Vulnerabilities
WordPress Plugin StageShow Multiple Vulnerabilities (5.0.8)
WordPress Plugin Clever Addons for Elementor Multiple Cross-Site Scripting Vulnerabilities (2.0.15)
Drupal Core 8.9.x Cross-Site Scripting (8.9.0 - 8.9.15)
Jboss EAP XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2018-1000632)
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-3455)