Simple Ajax Chat leaks sensitive system data to unauthorized users

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.3

Simple Ajax Chat leaks sensitive system data to unauthorized users

CVE-2026-3075

Summary

The Simple Ajax Chat plugin on your website may expose sensitive information to anyone accessing the chat, including site settings and other confidential data. This is a security risk because unauthorized users can view sensitive data. Update Simple Ajax Chat to the latest version or remove it to prevent this issue.

Original title

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Starr Simple Ajax Chat simple-ajax-chat allows Retrieve Embedded Sensitive Data.This issue affects S...

Original description

nvd CVSS3.1 5.3

Vulnerability type

CWE-497

https://patchstack.com/database/Wordpress/Plugin/simple-ajax-chat/vulnerability/...

Published: 23 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026