| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-32802 | WordPress Better Messages plugin <= 2.4.32 - Broken Authentication vulnerability | WordPlus | BP Better Messages | Medium | 5.3 | 2024-05-17 09:38:32 | Deep Dive |
| CVE-2024-0898 | Chat Bubble <= 2.3 - Authenticated (Administrator+) Stored Cross-Site Scripting | bluecoral | Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back | Medium | 4.4 | 2024-03-13 15:27:09 | Deep Dive |
| CVE-2023-51361 | WordPress Sticky Chat Widget Plugin <= 1.1.8 is vulnerable to Cross Site Scripting (XSS) | Ginger Plugins | Sticky Chat Widget: Click to chat, SMS, Email, Messages, Call Button, Live Chat and Live Support Button | Medium | 5.9 | 2023-12-29 11:01:30 | Deep Dive |
| CVE-2023-29096 | WordPress Contact Form to DB by BestWebSoft Plugin <= 1.7.0 is vulnerable to SQL Injection | BestWebSoft | Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress | High | 8.5 | 2023-12-20 17:16:06 | Deep Dive |
| CVE-2023-48769 | WordPress Chat Bubble Plugin <= 2.3 is vulnerable to Cross Site Request Forgery (CSRF) | Blue Coral | Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back | Medium | 4.3 | 2023-12-18 21:57:08 | Deep Dive |
| CVE-2023-49168 | WordPress BP Better Messages Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS) | WordPlus | Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss | Medium | 6.5 | 2023-12-14 14:49:33 | Deep Dive |
| CVE-2023-36508 | WordPress Contact Form to DB by BestWebSoft Plugin <= 1.7.1 is vulnerable to SQL Injection | BestWebSoft | Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress | 超危 | - | 2023-10-31 14:23:21 | Deep Dive |
| CVE-2022-41609 | WordPress Better Messages plugin <= 1.9.10.68 - Server-Side Request Forgery (SSRF) vulnerability | WordPlus | Better Messages (WordPress plugin) | Medium | 6.4 | 2022-11-18 23:18:51 | Deep Dive |
| CVE-2022-40216 | WordPress Better Messages plugin <= 1.9.10.69 - Auth. Messaging Block Bypass vulnerability | WordPlus | Better Messages (WordPress plugin) | Medium | 4.3 | 2022-11-18 22:33:04 | Deep Dive |
| CVE-2022-3415 | Chat Bubble < 2.3 - Unauthenticated Stored Cross-Site Scripting | Unknown | Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back | 中危 | - | 2022-11-14 00:00:00 | Deep Dive |
| CVE-2022-36389 | WordPress Better Messages plugin <= 1.9.9.148 - Cross-Site Request Forgery (CSRF) vulnerability | WordPlus | Better Messages (WordPress plugin) | Medium | 4.3 | 2022-08-23 15:48:48 | Deep Dive |
| CVE-2022-33142 | WordPress Better Messages plugin <= 1.9.10.57 - Denial Of Service (DoS) vulnerability | WordPlus | Better Messages (WordPress plugin) | High | 7.7 | 2022-08-23 15:46:19 | Deep Dive |
| CVE-2022-29454 | WordPress Better Messages plugin <= 1.9.9.148 - Cross-Site Request Forgery (CSRF) vulnerability | WordPlus | Better Messages (WordPress plugin) | Low | 3.1 | 2022-07-20 18:36:46 | Deep Dive |
| CVE-2017-20128 | KB Messages PHP Script sql injection | unspecified | KB Messages PHP Script | High | 7.3 | 2022-07-13 17:55:25 | Deep Dive |
| CVE-2022-29442 | Private Messages For WordPress <= 2.1.10 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability | Rilwis | Private Messages For WordPress (WordPress plugin) | Medium | 5.4 | 2022-06-15 15:38:44 | Deep Dive |
| CVE-2022-29441 | WordPress Private Messages For WordPress plugin <= 2.1.10 - Sending Messages via Cross-Site Request Forgery (CSRF) vulnerability | Rilwis | Private Messages For WordPress (WordPress plugin) | Medium | 4.3 | 2022-06-15 15:35:57 | Deep Dive |
| CVE-2021-25016 | Chaty < 2.8.3 - Reflected Cross-Site Scripting | Unknown | Floating Chat Widget: Contact Icons, Messages, Telegram, Email, SMS, Call Button – Chaty | 中危 | - | 2022-01-03 12:49:12 | Deep Dive |
| CVE-2021-24809 | BP Better Messages < 1.9.9.41 - Multiple CSRF | Unknown | BP Better Messages | 高危 | - | 2021-11-01 08:46:30 | Deep Dive |
| CVE-2021-24808 | BP Better Messages < 1.9.9.41 - Reflected Cross-Site Scripting | Unknown | BP Better Messages | 中危 | - | 2021-11-01 08:46:29 | Deep Dive |