CVE-2026-42736

Authorization Bypass Through User-Controlled Key vulnerability in wordplus BP Better Messages bp-better-messages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BP Better Messages: from n/a through = 2.14.16...

EUVD-2026-32188

Authorization Bypass Through User-Controlled Key vulnerability in wordplus BP Better Messages bp-better-messages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BP Better Messages: from n/a through = 2.14.16...

CVE-2026-42736

Authorization Bypass Through User-Controlled Key vulnerability in wordplus BP Better Messages bp-better-messages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BP Better Messages: from n/a through = 2.14.16...

PT-2026-43648

Authorization Bypass Through User-Controlled Key vulnerability in wordplus BP Better Messages bp-better-messages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BP Better Messages: from n/a through = 2.14.16...

EUVD-2022-39102

Malicious code in bioql PyPI...

EUVD-2022-36192

Malicious code in bioql PyPI...

EUVD-2024-30588

Malicious code in bioql PyPI...

CVE-2024-32802

Missing Authorization vulnerability in WordPlus BP Better Messages allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects BP Better Messages: from n/a through 2.4.32...

CVE-2024-32802

CVE-2024-32802 is a Missing Authorization vulnerability in WordPress plugin BP Better Messages, affecting versions up to 2.4.32. The issue allows accessing functionality not constrained by ACLs. The public data confirms affected software and impact level (CVSS v3.1 base score 5.3, Medium), but th...

CVE-2024-32802 WordPress Better Messages plugin <= 2.4.32 - Broken Authentication vulnerability

Missing Authorization vulnerability in WordPlus BP Better Messages allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects BP Better Messages: from n/a through 2.4.32...

CVE-2023-49168

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WordPlus Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss allows Stored XSS.This issue affects Better Messages – Live Chat for WordPress, BuddyPress, PeepSo...

CVE-2023-49168

CVE-2023-49168 is a Stored XSS vulnerability in the WordPress plugin BP Better Messages (Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss). Affected versions are through 2.4.0; the issue arises from improper input neutralization during web page generation....

PT-2023-31085 · Unknown · Wordplus Better Messages

Name of the Vulnerable Software and Affected Versions: WordPlus Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss versions through 2.4.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-si...

CVE-2022-36389

Cross-Site Request Forgery CSRF vulnerability in WordPlus Better Messages plugin = 1.9.9.148 at WordPress...

CVE-2022-36389

Cross-Site Request Forgery CSRF vulnerability in WordPlus Better Messages plugin = 1.9.9.148 at WordPress...

CVE-2022-33142

Authenticated subscriber+ Denial Of Service DoS vulnerability in WordPlus WordPress Better Messages plugin = 1.9.10.57 at WordPress...

CVE-2022-33142

Authenticated subscriber+ Denial Of Service DoS vulnerability in WordPlus WordPress Better Messages plugin = 1.9.10.57 at WordPress...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in WordPlus Better Messages plugin = 1.9.9.148 at WordPress...

CVE-2022-36389

The CVE-2022-36389 entry concerns the WordPress BP Better Messages plugin, affected in versions ≤ 1.9.9.148. The issue is a Cross-Site Request Forgery (CSRF) vulnerability in the plugin. The primary impact described in the sources is high (per CVSS data), but the connected documents do not provid...

CVE-2022-33142

The CVE-2022-33142 issue affects WordPlus WordPress Better Messages plugin versions ≤ 1.9.10.57. It is an authenticated (subscriber+) Denial of Service vulnerability. Several sources confirm the root cause is related to DoS risk from unauthorised-length/handling issues in message processing, enab...