VYPR
Unrated severityNVD Advisory· Published Nov 14, 2022· Updated Apr 30, 2025

Chat Bubble < 2.3 - Unauthenticated Stored Cross-Site Scripting

CVE-2022-3415

Description

The Chat Bubble WordPress plugin before 2.3 does not sanitise and escape some contact parameters, which could allow unauthenticated attackers to set Stored Cross-Site Scripting payloads in them, which will trigger when an admin view the related contact message

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.