15 matches found
CVE-2023-45828
Missing Authorization vulnerability in RumbleTalk RumbleTalk Live Group Chat rumbletalk-chat-a-chat-with-themes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RumbleTalk Live Group Chat: from n/a through = 6.2.5...
EUVD-2023-50098
Malicious code in bioql PyPI...
CVE-2025-58626
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RumbleTalk RumbleTalk Live Group Chat rumbletalk-chat-a-chat-with-themes allows Stored XSS.This issue affects RumbleTalk Live Group Chat: from n/a through = 6.3.5...
CVE-2025-58626
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RumbleTalk RumbleTalk Live Group Chat rumbletalk-chat-a-chat-with-themes allows Stored XSS.This issue affects RumbleTalk Live Group Chat: from n/a through = 6.3.5...
WordPress plugin RumbleTalk Live Group Chat 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...
PT-2025-35759
Name of the Vulnerable Software and Affected Versions: RumbleTalk Live Group Chat versions through 6.3.5 Description: RumbleTalk Live Group Chat is susceptible to a cross-site scripting XSS issue due to improper neutralization of input during web page generation. This allows for stored XSS attack...
CVE-2023-45828
Missing Authorization vulnerability in RumbleTalk RumbleTalk Live Group Chat rumbletalk-chat-a-chat-with-themes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RumbleTalk Live Group Chat: from n/a through = 6.2.5...
CVE-2023-45828 WordPress RumbleTalk Live Group Chat plugin <= 6.2.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in RumbleTalk RumbleTalk Live Group Chat rumbletalk-chat-a-chat-with-themes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RumbleTalk Live Group Chat: from n/a through = 6.2.5...
CVE-2023-45828 WordPress RumbleTalk Live Group Chat plugin <= 6.2.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in RumbleTalk RumbleTalk Live Group Chat rumbletalk-chat-a-chat-with-themes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RumbleTalk Live Group Chat: from n/a through = 6.2.5...
CVE-2024-8720
The RumbleTalk Live Group Chat – HTML5 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rumbletalk-admin-button' shortcode in all versions up to, and including, 6.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This...
CVE-2024-8720
CVE-2024-8720 affects the RumbleTalk Live Group Chat – HTML5 WP plugin. The stored XSS vulnerability exists in the rumbletalk-admin-button shortcode in all versions up to and including 6.3.0 due to insufficient input sanitization and output escaping of user-supplied attributes. Exploitation requi...
CVE-2024-8720 RumbleTalk Live Group Chat – HTML5 <= 6.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The RumbleTalk Live Group Chat – HTML5 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rumbletalk-admin-button' shortcode in all versions up to, and including, 6.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This...
WordPress RumbleTalk Live Group Chat Plugin <= 6.3.0 is vulnerable to Cross Site Scripting (XSS)
Software RumbleTalk Live Group Chat Type Plugin Vulnerable versions = 6.3.0 Fixed in 6.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8720 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0ff096209d81 Credits stealthcopter...
WordPress plugin RumbleTalk Live Group Chat 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...
WordPress RumbleTalk Live Group Chat Plugin <= 6.2.5 is vulnerable to Broken Access Control
Software RumbleTalk Live Group Chat Type Plugin Vulnerable versions = 6.2.5 Fixed in 6.2.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-45828 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 142311804af3 Credits Mika Require...