Filtered by vendor Tawk Subscriptions
Filtered by product Tawk.to Subscriptions

Search

Switch to Advanced Search (Beta)
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-45960 1 Tawk 1 Tawk.to 2025-10-14 6.1 Medium
Cross Site Scripting vulnerability in tawk.to Live Chat v.1.6.1 allows a remote attacker to execute arbitrary code via the web application stores and displays user-supplied input without proper input validation or encoding
CVE-2025-57483 1 Tawk 1 Tawk.to 2025-09-30 8.1 High
A reflected cross-site scripting (XSS) vulnerability in tawk.to chatbox widget v4 allows attackers to execute arbitrary Javascript in the context of the user's browser via injecting a crafted payload into the vulnerable parameter.
CVE-2024-57026 1 Tawk 1 Tawk.to 2025-03-03 6.1 Medium
TawkTo Widget Version <= 1.3.7 is vulnerable to Cross Site Scripting (XSS) due to processing user input in a way that allows JavaScript execution.