CVE-2026-42736

Authorization Bypass Through User-Controlled Key vulnerability in wordplus BP Better Messages bp-better-messages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BP Better Messages: from n/a through = 2.14.16...

EUVD-2022-39102

Malicious code in bioql PyPI...

CVE-2023-49168

CVE-2023-49168 is a Stored XSS vulnerability in the WordPress plugin BP Better Messages (Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss). Affected versions are through 2.4.0; the issue arises from improper input neutralization during web page generation....

PT-2023-31085 · Unknown · Wordplus Better Messages

Name of the Vulnerable Software and Affected Versions: WordPlus Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss versions through 2.4.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-si...

CVE-2022-36389

Cross-Site Request Forgery CSRF vulnerability in WordPlus Better Messages plugin = 1.9.9.148 at WordPress...

CVE-2022-36389

Cross-Site Request Forgery CSRF vulnerability in WordPlus Better Messages plugin = 1.9.9.148 at WordPress...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in WordPlus Better Messages plugin = 1.9.9.148 at WordPress...

CVE-2022-36389

The CVE-2022-36389 entry concerns the WordPress BP Better Messages plugin, affected in versions ≤ 1.9.9.148. The issue is a Cross-Site Request Forgery (CSRF) vulnerability in the plugin. The primary impact described in the sources is high (per CVSS data), but the connected documents do not provid...

PT-2022-23348 · Unknown · Wordplus Better Messages

Name of the Vulnerable Software and Affected Versions: WordPlus Better Messages plugin versions = 1.9.9.148 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a w...

CVE-2022-29454

Cross-Site Request Forgery CSRF vulnerability in WordPlus Better Messages plugin = 1.9.9.148 at WordPress allows attackers to upload files. File attachment to messages must be activated...

CVE-2022-29454

Cross-Site Request Forgery CSRF vulnerability in WordPlus Better Messages plugin = 1.9.9.148 at WordPress allows attackers to upload files. File attachment to messages must be activated...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in WordPlus Better Messages plugin = 1.9.9.148 at WordPress allows attackers to upload files. File attachment to messages must be activated...

CVE-2022-29454

CVE-2022-29454 affects the WordPress plugin WordPlus Better Messages (versions

WordPress plugin WordPlus Better Messages 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin WordPlus...