3 matches found
CVE-2024-8720
creationtimestamp| type| source ---|---|--- 2024-10-01 11:03:58+00:00| seen| https://t.me/cvedetector/6715...
CVE-2024-8720 RumbleTalk Live Group Chat – HTML5 <= 6.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The RumbleTalk Live Group Chat – HTML5 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rumbletalk-admin-button' shortcode in all versions up to, and including, 6.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This...
WordPress RumbleTalk Live Group Chat Plugin <= 6.3.0 is vulnerable to Cross Site Scripting (XSS)
Software RumbleTalk Live Group Chat Type Plugin Vulnerable versions = 6.3.0 Fixed in 6.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8720 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0ff096209d81 Credits stealthcopter...