CVE-2011-5181

NUCLEI

ClickDesk Live Support - Live Chat Plugin 2.0 - Cross-Site Scripting via cdwidgetid Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-5181. PoCs published by Amir. A Nuclei detection template is also available.

AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in the ClickDesk Live Support plugin for WordPress. It outlines the vulnerability's cause (lack of input sanitization) and potential impact (arbitrary script execution in a user's browser context).

Description

Cross-site scripting (XSS) vulnerability in clickdesk.php in ClickDesk Live Support - Live Chat plugin 2.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cdwidgetid parameter. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Amir · textwebappsphp
https://www.exploit-db.com/exploits/36338

The provided text describes a cross-site scripting (XSS) vulnerability in the ClickDesk Live Support plugin for WordPress. It outlines the vulnerability's cause (lack of input sanitization) and potential impact (arbitrary script execution in a user's browser context).

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Theoretical
Target: ClickDesk Live Support plugin for WordPress 2.0
No auth needed
Prerequisites: Access to the vulnerable plugin endpoint
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

ClickDesk Live Support Live Chat 2.0 - Cross-Site Scripting
MEDIUMby daffainfo

References (5)

Core 5
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/50778
Exploit vdb-entry x_refsource_osvdb
http://osvdb.org/77338
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/520624/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/71469

Scores

EPSS 0.1043
EPSS Percentile 95.2%

Details

CWE
CWE-79
Status published
Products (1)
clickdesk/clickdesk_live_support-live_chat_plugin 2.0
Published Sep 20, 2012
Tracked Since Feb 18, 2026