Latest Privacy

The Hacker News

New Flaw in WordPress Live Chat Plugin Lets Hackers Steal and Hijack Sessions

By Mohit Kumar 11 Jun 2019 at 12:06

Security researchers have been warning about a critical vulnerability they discovered in one of a popular WordPress Live Chat plugin, which, if exploited, could allow unauthorized remote attackers to steal chat logs or manipulate chat sessions. The vulnerability, identified as CVE-2019-12498, resides in the "WP Live Chat Support" that is currently being used by over 50,000 businesses to provide customer support and chat with visitors through their websites.

Read more