New Flaw in WordPress Live Chat Plugin Lets Hackers Steal and Hijack Sessions

By [email protected] (Unknown) Security researchers have been warning about a critical vulnerability they discovered in one of a popular WordPress Live Chat plugin, which, if exploited, could allow unauthorized remote attackers to steal chat logs or manipulate chat sessions.

The vulnerability, identified as CVE-2019-12498, resides in the “WP Live Chat Support” that is currently being used by over 50,000 businesses to

Via:: New Flaw in WordPress Live Chat Plugin Lets Hackers Steal and Hijack Sessions