| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-8720 | RumbleTalk Live Group Chat – HTML5 <= 6.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | rumbletalk | RumbleTalk Live Group Chat – HTML5 | Medium | 6.4 | 2024-10-01 07:30:12 | Deep Dive |
| CVE-2024-7869 | 123.chat - Video Chat <= 1.3.1 - Unauthenticated Stored Cross-Site Scripting | 123.chat | 123.chat - Video Chat | High | 7.2 | 2024-10-01 07:30:10 | Deep Dive |
| CVE-2024-47066 | Lobe Chat has insufficient fix for GHSA-mxhq-xw3g-rphc (CVE-2024-32964) | lobehub | lobe-chat | Critical | 9.0 | 2024-09-23 15:17:43 | Deep Dive |
| CVE-2024-7816 | Gixaw Chat <= 1.0 - Stored XSS via CSRF | Unknown | Gixaw Chat | - | - | 2024-09-12 06:00:05 | Deep Dive |
| CVE-2024-5879 | HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics <= 11.1.22 - Authenticated (Contributor+) Stored Cross-Site Scripting via HubSpot Meeting Widget | hubspotdev | HubSpot All-In-One Marketing – Forms, Popups, Live Chat | Medium | 6.4 | 2024-08-30 04:29:57 | Deep Dive |
| CVE-2024-6498 | CollectChat < 2.4.4 - Admin+ XSS | Unknown | Chatbot for WordPress by Collect.chat ⚡️ | - | - | 2024-08-05 06:00:08 | Deep Dive |
| CVE-2024-39713 | Rocket.Chat 安全漏洞 | Rocket.Chat | Rocket.Chat | - | - | 2024-08-05 04:26:07 | Deep Dive |
| CVE-2024-37405 | RocketChat LiveChat 安全漏洞 | Rocket.Chat | Rocket.Chat | - | - | 2024-07-12 15:41:03 | Deep Dive |
| CVE-2024-4664 | WP Chat App < 3.6.5 - Admin+ Stored XSS | Unknown | WP Chat App | - | - | 2024-06-27 06:00:04 | Deep Dive |
| CVE-2024-37895 | API Key Leak in lobe-chat | lobehub | lobe-chat | Medium | 5.7 | 2024-06-17 19:28:31 | Deep Dive |
| CVE-2024-4149 | Floating Chat Widget < 3.2.3 - Admin+ Stored XSS | Unknown | Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button | - | - | 2024-06-13 06:00:03 | Deep Dive |
| CVE-2024-35673 | WordPress Pure Chat plugin <= 2.22 - Cross Site Request Forgery (CSRF) vulnerability | Pure Chat by Ruby | Pure Chat | Medium | 4.3 | 2024-06-05 13:22:27 | Deep Dive |
| CVE-2024-2470 | Simple Ajax Chat < 20240412 - Admin+ Stored XSS | Unknown | Simple Ajax Chat | - | - | 2024-06-04 06:00:02 | Deep Dive |
| CVE-2024-4975 | code-projects Simple Chat System Message cross site scripting | code-projects | Simple Chat System | Low | 3.5 | 2024-05-16 10:00:05 | Deep Dive |
| CVE-2024-4974 | code-projects Simple Chat System register.php cross site scripting | code-projects | Simple Chat System | Low | 3.5 | 2024-05-16 09:31:06 | Deep Dive |
| CVE-2024-4973 | code-projects Simple Chat System register.php sql injection | code-projects | Simple Chat System | Medium | 6.3 | 2024-05-16 09:31:04 | Deep Dive |
| CVE-2024-4972 | code-projects Simple Chat System login.php sql injection | code-projects | Simple Chat System | Medium | 6.3 | 2024-05-16 09:00:05 | Deep Dive |
| CVE-2024-32964 | lobe-chat `/api/proxy` endpoint Server-Side Request Forgery vulnerability | lobehub | lobe-chat | Critical | 9.0 | 2024-05-10 14:49:31 | Deep Dive |
| CVE-2024-3595 | Pure Chat – Live Chat Plugin & More! <= 2.22 - Authenticated (Subscriber+) Stored Cross-Site Scripting | pure-chat | Pure Chat – Live Chat & More! | Medium | 6.4 | 2024-05-09 20:03:29 | Deep Dive |
| CVE-2024-3849 | Click to Chat – HoliThemes <= 3.35 - Authenticated (Contributor+) Local File Inclusion | holithemes | Click to Chat – HoliThemes | High | 8.8 | 2024-05-02 16:52:55 | Deep Dive |