Lucene search
+L

28 matches found

Patchstack
Patchstack
added 2024/10/01 3:43 a.m.5 views

WordPress RumbleTalk Live Group Chat plugin <= 6.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter, theviper17y in WordPress Plugin RumbleTalk Live Group Chat versions = 6.3.0...

6.4CVSS5.7AI score0.00335EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/10/01 12:0 a.m.5 views

WordPress plugin RumbleTalk Live Group Chat 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

6.4CVSS5.9AI score0.00335EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/10/01 12:0 a.m.9 views

WordPress RumbleTalk Live Group Chat Plugin <= 6.3.0 is vulnerable to Cross Site Scripting (XSS)

Software RumbleTalk Live Group Chat Type Plugin Vulnerable versions = 6.3.0 Fixed in 6.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8720 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0ff096209d81 Credits stealthcopter...

6.4CVSS6.3AI score0.00335EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/01 12:0 a.m.8 views

PT-2024-39200 · WordPress · Rumbletalk Live Group Chat

Name of the Vulnerable Software and Affected Versions: RumbleTalk Live Group Chat – HTML5 plugin for WordPress versions up to, and including, 6.3.0 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'rumbletalk-admin-button' shortcode due to insufficient input...

6.4CVSS6.1AI score0.00335EPSS
Exploits0References7
WPVulnDB
WPVulnDB
added 2023/11/23 12:0 a.m.12 views

RumbleTalk Live Group Chat < 6.2.0 - Missing Authorization via handleRequest

Description The RumbleTalk Live Group Chat plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on the handleRequest AJAX function in versions up to, and including, 6.1.9. This makes it possible for authenticat...

6.7AI score0.00797EPSS
Exploits1References1Affected Software1
GithubExploit
GithubExploit
added 2023/10/17 8:41 a.m.21 views

Exploit for CVE-2023-45828

CVE-2023-45828 RumbleTalk Live Group Chat = 6.1.9 - Missin...

5.4CVSS9.1AI score0.00797EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2023/10/17 12:0 a.m.10 views

PT-2023-29715 · Rumbletalk · Rumbletalk Live Group Chat

Name of the Vulnerable Software and Affected Versions: RumbleTalk Live Group Chat versions n/a through 6.2.5 Description: The issue is related to a missing authorization vulnerability in RumbleTalk Live Group Chat, which allows the exploitation of incorrectly configured access control security...

5.4CVSS9.5AI score0.00797EPSS
Exploits1References5
Patchstack
Patchstack
added 2023/10/13 12:0 a.m.27 views

WordPress RumbleTalk Live Group Chat Plugin <= 6.2.5 is vulnerable to Broken Access Control

Software RumbleTalk Live Group Chat Type Plugin Vulnerable versions = 6.2.5 Fixed in 6.2.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-45828 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 142311804af3 Credits Mika Require...

6.5AI score0.00797EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder