Better Messages Security Vulnerabilities and Issues — Better Messages CVE List

Lucene search

WordplusBetter Messages

3 matches found

CVE•added 2025/03/01 9:15 a.m.•42 views

CVE-2024-13611

The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.9 via the 'bp-better-messages' directory. This makes it possible for unauthenticated attackers...

7.5CVSS6.6AI score0.00051EPSS

CVE•added 2025/02/01 1:15 p.m.•40 views

CVE-2024-13612

The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'better_messages_live_chat_button' shortcode in all versions up to, and including, 2.6.9 due to insufficient input sanitiz...

6.4CVSS5.7AI score0.00045EPSS

CVE•added 2025/03/01 9:15 a.m.•39 views

CVE-2024-13697

The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.4 via the 'nice_links'. This makes it possible for unauthenticated attackers to make web requests...

6.5CVSS6.8AI score0.00055EPSS