CVE-2026-27954 | livehelperchat up to 4.52 holdaction.php hasAccessToRead authorization (GHSA-87wc-2p86-h3w7)
A vulnerability was found in livehelperchat up to 4.52. It has been declared as problematic. Affected by this issue is the function erLhcoreClassChat::hasAccessToRead of the file holdaction.php. Executing a manipulation can lead to missing authorization.
This vulnerability is registered as CVE-2026-27954. It is possible to launch the attack remotely. No exploit is available.