CVE-2024-8720 | rumbletalk RumbleTalk Live Group Chat Plugin up to 6.3.0 on WordPress Shortcode rumbletalk-admin-button cross site scripting

Inserito da Angelo Barbosa | Ott 1, 2024 | CVE

A vulnerability was found in rumbletalk RumbleTalk Live Group Chat Plugin up to 6.3.0 on WordPress. It has been classified as problematic. Affected is the function rumbletalk-admin-button of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2024-8720. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-8720 | rumbletalk RumbleTalk Live Group Chat Plugin up to 6.3.0 on WordPress Shortcode rumbletalk-admin-button cross site scripting

Post correlati

CVE-2023-52456 | Linux Kernel up to 5.10.208/5.15.147/6.1.74/6.6.13/6.7.1 imx deadlock

CVE-2024-34511 | Gradio up to 4.12 Server _is_server_fn Privilege Escalation

CVE-2024-8052 | Review Ratings Plugin up to 1.6 on WordPress cross-site request forgery

CVE-2024-40836 | Apple macOS Shortcut access control