Unrated severityNVD Advisory· Published Nov 14, 2022· Updated Apr 30, 2025
Chat Bubble < 2.3 - Unauthenticated Stored Cross-Site Scripting
CVE-2022-3415
Description
The Chat Bubble WordPress plugin before 2.3 does not sanitise and escape some contact parameters, which could allow unauthenticated attackers to set Stored Cross-Site Scripting payloads in them, which will trigger when an admin view the related contact message
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Chat Bubbledescription
- Range: <2.3
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.