Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

wordplus — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting wordplus. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by wordplus:Better Messages (WordPress plugin)Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private MessagesBetter Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBossBP Better Messages
CVE IDTitleCVSSSeverityPublished
CVE-2025-14154 Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.10.2 - Unauthenticated Stored Cross-Site Scripting — Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private MessagesCWE-79 6.1 Medium2025-12-17
CVE-2024-13697 Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.7.4 - Unauthenticated Limited Server-Side Request Forgery in nice_links — Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private MessagesCWE-918 4.8 Medium2025-03-01
CVE-2024-13611 Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.6.9 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory — Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private MessagesCWE-200 7.5 High2025-03-01
CVE-2024-13612 Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private MessagesCWE-79 6.4 Medium2025-02-01
CVE-2024-32802 WordPress Better Messages plugin <= 2.4.32 - Broken Authentication vulnerability — BP Better MessagesCWE-862 5.3 Medium2024-05-17
CVE-2023-49168 WordPress BP Better Messages Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS) — Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBossCWE-79 6.5 Medium2023-12-14
CVE-2022-41609 WordPress Better Messages plugin <= 1.9.10.68 - Server-Side Request Forgery (SSRF) vulnerability — Better Messages (WordPress plugin)CWE-918 6.4 Medium2022-11-18
CVE-2022-40216 WordPress Better Messages plugin <= 1.9.10.69 - Auth. Messaging Block Bypass vulnerability — Better Messages (WordPress plugin) 4.3 Medium2022-11-18
CVE-2022-36389 WordPress Better Messages plugin <= 1.9.9.148 - Cross-Site Request Forgery (CSRF) vulnerability — Better Messages (WordPress plugin)CWE-352 4.3 Medium2022-08-23
CVE-2022-33142 WordPress Better Messages plugin <= 1.9.10.57 - Denial Of Service (DoS) vulnerability — Better Messages (WordPress plugin) 7.7 High2022-08-23
CVE-2022-29454 WordPress Better Messages plugin <= 1.9.9.148 - Cross-Site Request Forgery (CSRF) vulnerability — Better Messages (WordPress plugin)CWE-352 3.1 Low2022-07-20

This page lists every published CVE security advisory associated with wordplus. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.