Permalink
CVE-2025-66099
5.3 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): NONE
- Availability impact (A): NONE
by @pyrox0 Activity log
- Created automatic suggestion
- @pyrox0 dismissed
WordPress Chat Help plugin <= 3.1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in ThemeAtelier Chat Help chat-help allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chat Help: from n/a through <= 3.1.3.
References
- https://vdp.patchstack.com/database/Wordpress/Plugin/chat-help/vulnerability/wo… vdb-entry
- https://vdp.patchstack.com/database/Wordpress/Plugin/chat-help/vulnerability/wo… vdb-entry
- https://vdp.patchstack.com/database/Wordpress/Plugin/chat-help/vulnerability/wo… vdb-entry
- https://patchstack.com/database/Wordpress/Plugin/chat-help/vulnerability/wordpr… vdb-entry
Affected products
chat-help
- =<<= 3.1.3
Matching in nixpkgs
pkgs.aider-chat-with-help
AI pair programming in your terminal
Package maintainers
-
@happysalada Raphael Megzari <raphael@megzari.com>
-
@yzx9 Zexin Yuan <yuan.zx@outlook.com>