Security Advisory

CVE-2022-3415

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-14 00:00:00

Last updated 2025-04-30 19:31:45

Assigner WPScan

State PUBLISHED

Description

The Chat Bubble WordPress plugin before 2.3 does not sanitise and escape some contact parameters, which could allow unauthenticated attackers to set Stored Cross-Site Scripting payloads in them, which will trigger when an admin view the related contact message

← Browse all CVEs View on cve.org ↗