WP Live Chat Support - Vulnerability

The developers of the WP Live Chat Support plugin, which has more than 50,000 installations, report that users should immediately upgrade the plugin to version 8.0.33 or later. The fact is that the plugin has detected a critical vulnerability that allows an attacker who does not have valid credentials to bypass the authentication mechanism.

WP Live Chat Support allows you to add free chat to your site through which employees can provide support and assistance to resource visitors.

The researchers say that with the help of a bug, an attacker can insert his own messages into active chats, edit them, and also carry out DoS attacks, due to which chat sessions will be urgently terminated.

According to Alert Logic, administrators who for some reason cannot install the plug-in update can temporarily fix the problem by configuring WAF filters.