VYPR

Rumbletalk Chat A Chat With Themes

by WordPress

Source repositories

CVEs (3)

  • CVE-2025-58626MedSep 3, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RumbleTalk RumbleTalk Live Group Chat rumbletalk-chat-a-chat-with-themes allows Stored XSS.This issue affects RumbleTalk Live Group Chat: from n/a through <= 6.3.5.

  • CVE-2023-45828MedJan 2, 2025
    risk 0.35cvss 5.4epss 0.01

    Missing Authorization vulnerability in RumbleTalk RumbleTalk Live Group Chat rumbletalk-chat-a-chat-with-themes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RumbleTalk Live Group Chat: from n/a through <= 6.2.5.

  • CVE-2024-8720MedOct 1, 2024
    risk 0.35cvss 6.4epss 0.00

    The RumbleTalk Live Group Chat – HTML5 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rumbletalk-admin-button' shortcode in all versions up to, and including, 6.3.0 due to insufficient input sanitization and output escaping on user supplied…