Vulnerabilities in wordplus
14 resultsCVE-2022-33142HIGHWordPress Better Messages plugin <= 1.9.10.57 - Denial Of Service (DoS) vulnerabilityEPSS 0.9%CVE-2022-41609MEDIUMWordPress Better Messages plugin <= 1.9.10.68 - Server-Side Request Forgery (SSRF) vulnerabilityEPSS 0.5%CVE-2024-13611HIGHBetter Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.6.9 - Unauthenticated Sensitive Information Exposure Through Unprotected DirectoryEPSS 0.5%CVE-2022-40216MEDIUMWordPress Better Messages plugin <= 1.9.10.69 - Auth. Messaging Block Bypass vulnerabilityEPSS 0.4%CVE-2022-4974MEDIUMFreemius SDK <= 2.4.2 - Missing Authorization ChecksEPSS 0.4%CVE-2023-49168MEDIUMWordPress BP Better Messages Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2022-36389MEDIUMWordPress Better Messages plugin <= 1.9.9.148 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2024-32802MEDIUMWordPress Better Messages plugin <= 2.4.32 - Broken Authentication vulnerabilityEPSS 0.3%CVE-2024-13612MEDIUMBetter Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.3%CVE-2024-13362MEDIUMFreemius <= 2.10.1 - Reflected DOM-Based Cross-Site Scripting via url ParameterEPSS 0.3%CVE-2024-13697MEDIUMBetter Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.7.4 - Unauthenticated Limited Server-Side Request Forgery in nice_linksEPSS 0.3%CVE-2026-42736HIGHWordPress BP Better Messages plugin <= 2.14.16 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2022-29454LOWWordPress Better Messages plugin <= 1.9.9.148 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-14154MEDIUMBetter Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.10.2 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.2%