| CVE-2025-14154 | Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.10.2 - Unauthenticated Stored Cross-Site Scripting | wordplus | Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private Messages | Medium | 6.1 | 2025-12-17 05:24:55 | Deep Dive |
| CVE-2024-9017 | PeepSo Core: Groups <= 6.4.6.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Group Description | PeepSo | PeepSo Core: Groups | Medium | 6.4 | 2025-07-03 06:44:25 | Deep Dive |
| CVE-2024-8988 | PeepSo Core: File Uploads <= 6.4.6.0 - Insecure Direct Object Reference to Unauthenticated Sensitive Information Exposure via file_download | PeepSo | PeepSo Core: File Uploads | Medium | 5.3 | 2025-05-14 08:22:09 | Deep Dive |
| CVE-2024-13697 | Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.7.4 - Unauthenticated Limited Server-Side Request Forgery in nice_links | wordplus | Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private Messages | Medium | 4.8 | 2025-03-01 08:23:21 | Deep Dive |
| CVE-2024-13611 | Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.6.9 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory | wordplus | Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private Messages | High | 7.5 | 2025-03-01 08:23:20 | Deep Dive |
| CVE-2024-13612 | Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wordplus | Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private Messages | Medium | 6.4 | 2025-02-01 12:21:31 | Deep Dive |
| CVE-2024-11447 | Community by PeepSo – Social Network, Membership, Registration, User Profiles, Premium – Mobile App <=7.0.3.0 - Reflected Cross-Site Scripting | peepso | Community by PeepSo – Download from PeepSo.com | Medium | 6.1 | 2024-11-21 02:06:18 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-9873 | Community by PeepSo <= 6.4.6.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting | peepso | Community by PeepSo – Download from PeepSo.com | Medium | 5.4 | 2024-10-16 05:31:56 | Deep Dive |
| CVE-2024-7426 | Community by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.6.0 - Unauthenticated Full Path Disclosure | peepso | Community by PeepSo – Download from PeepSo.com | Medium | 5.3 | 2024-09-25 02:05:05 | Deep Dive |
| CVE-2024-7655 | Community by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting | peepso | Community by PeepSo – Download from PeepSo.com | Medium | 4.4 | 2024-09-10 07:30:04 | Deep Dive |
| CVE-2024-7618 | Community by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via content Parameter | peepso | Community by PeepSo – Download from PeepSo.com | Medium | 4.4 | 2024-09-10 07:30:04 | Deep Dive |
| CVE-2024-31251 | WordPress Community by PeepSo plugin <= 6.3.1.1 - Cross Site Request Forgery (CSRF) vulnerability | PeepSo | Community by PeepSo | Medium | 4.3 | 2024-04-12 12:54:56 | Deep Dive |
| CVE-2024-25923 | WordPress Community by PeepSo plugin <= 6.2.7.0 - Sensitive Data Exposure via Log File vulnerability | PeepSo | Community by PeepSo | Medium | 5.3 | 2024-03-28 06:17:39 | Deep Dive |
| CVE-2023-27630 | WordPress Community by PeepSo plugin <= 6.0.9.0 - Server Information Disclosure | PeepSo | Community by PeepSo | Medium | 5.3 | 2024-03-26 20:05:23 | Deep Dive |
| CVE-2024-22158 | WordPress PeepSo Core: Photos Plugin < 6.3.1.0 is vulnerable to Cross Site Scripting (XSS) | PeepSo | Community by PeepSo – Social Network, Membership, Registration, User Profiles | Medium | 6.5 | 2024-01-31 18:15:01 | Deep Dive |
| CVE-2023-7125 | Community by PeepSo < 6.3.1.2 - User Post Creation via CSRF | Unknown | Community by PeepSo | 中危 | - | 2024-01-16 15:57:05 | Deep Dive |
| CVE-2024-0187 | Community by PeepSo < 6.3.1.2 - Reflected XSS | Unknown | Community by PeepSo | 中危 | - | 2024-01-16 15:57:01 | Deep Dive |
| CVE-2023-49168 | WordPress BP Better Messages Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS) | WordPlus | Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss | Medium | 6.5 | 2023-12-14 14:49:33 | Deep Dive |
| CVE-2023-48746 | WordPress Community by PeepSo Plugin <= 6.2.6.0 is vulnerable to Cross Site Scripting (XSS) | PeepSo | Community by PeepSo – Social Network, Membership, Registration, User Profiles | High | 7.1 | 2023-11-30 16:25:31 | Deep Dive |