CVE-2011-5181
NUCLEIClickDesk Live Support - Live Chat Plugin 2.0 - Cross-Site Scripting via cdwidgetid Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2011-5181. PoCs published by Amir. A Nuclei detection template is also available.
AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in the ClickDesk Live Support plugin for WordPress. It outlines the vulnerability's cause (lack of input sanitization) and potential impact (arbitrary script execution in a user's browser context).
Description
Cross-site scripting (XSS) vulnerability in clickdesk.php in ClickDesk Live Support - Live Chat plugin 2.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cdwidgetid parameter. NOTE: some of these details are obtained from third party information.
Exploits (1)
The provided text describes a cross-site scripting (XSS) vulnerability in the ClickDesk Live Support plugin for WordPress. It outlines the vulnerability's cause (lack of input sanitization) and potential impact (arbitrary script execution in a user's browser context).