Skip to main content

Chat Bubble

3 CVEs product

Monthly

CVE-2024-0898 MEDIUM This Month

The Chat Bubble - Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

XSS WordPress Chat Bubble
NVD VulDB
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-48769 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Blue Coral Chat Bubble - Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Chat Bubble
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2022-3415 MEDIUM POC This Month

The Chat Bubble WordPress plugin before 2.3 does not sanitise and escape some contact parameters, which could allow unauthenticated attackers to set Stored Cross-Site Scripting payloads in them,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Chat Bubble
NVD WPScan VulDB
CVSS 3.1
6.1
EPSS
0.5%
EPSS 0% CVSS 4.4
MEDIUM This Month

The Chat Bubble - Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

XSS WordPress Chat Bubble
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Blue Coral Chat Bubble - Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Chat Bubble
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

The Chat Bubble WordPress plugin before 2.3 does not sanitise and escape some contact parameters, which could allow unauthenticated attackers to set Stored Cross-Site Scripting payloads in them,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Chat Bubble
NVD WPScan VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy