5 matches found
CVE-2024-13697
The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.4 via the 'nicelinks'. This makes it possible for unauthenticated attackers to make web request...
CVE-2024-13697
creationtimestamp| type| source ---|---|--- 2025-03-01 09:30:19+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6067 2025-03-01 12:16:06+00:00| seen| https://t.me/cvedetector/19231 2025-03-02 11:46:58+00:00| seen| Telegram/XgnI4V8Wnz3lSuKrUbZrFlszjJpI1TBdy26rdGlrarwKVH5h...
CVE-2024-13697
The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.4 via the 'nicelinks'. This makes it possible for unauthenticated attackers to make web request...
CVE-2024-13697 Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.7.4 - Unauthenticated Limited Server-Side Request Forgery in nice_links
The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.4 via the 'nicelinks'. This makes it possible for unauthenticated attackers to make web request...
CVE-2024-13697
CVE-2024-13697 documents an unauthenticated SSRF in Better Messages for WordPress (plugin versions up to 2.7.4) via the nice_links feature. Exploitation requires Enable link previews (default). The connected docs indicate a patch is available and advise upgrading to a fixed version; no further ex...