{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-23T22:02:33.452","vulnerabilities":[{"cve":{"id":"CVE-2024-44018","sourceIdentifier":"audit@patchstack.com","published":"2024-10-05T13:15:12.890","lastModified":"2026-06-17T07:52:10.013","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in istmoplugins Instant Chat Floating Button for WordPress Websites instant-chat-wp allows PHP Local File Inclusion.This issue affects Instant Chat Floating Button for WordPress Websites: from n/a through <= 1.0.5."},{"lang":"es","value":"La vulnerabilidad de limitación incorrecta de una ruta a un directorio restringido ('Path Traversal') en Istmo Plugins Instant Chat Floating Button for WordPress Websites permite la inclusión de archivos locales en PHP. Este problema afecta al botón flotante de chat instantáneo para sitios web de WordPress: desde n/a hasta 1.0.5."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"istmoplugins","product":"Instant Chat Floating Button for WordPress Websites","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"instant-chat-wp","versions":[{"version":"0","lessThanOrEqual":"1.0.5","versionType":"custom","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"istmo_plugins","product":"instant_chat_floating_button_for_wordpress_websites","defaultStatus":"unknown","cpes":["cpe:2.3:a:istmo_plugins:instant_chat_floating_button_for_wordpress_websites:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThanOrEqual":"1.0.5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-07T14:26:53.520699Z","id":"CVE-2024-44018","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://patchstack.com/database/Wordpress/Plugin/instant-chat-wp/vulnerability/wordpress-instant-chat-wp-plugin-1-0-5-local-file-inclusion-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}]}