Vulnerabilities > Bluecoral

DATE	CVE	VULNERABILITY TITLE	RISK
2024-03-13	CVE-2024-0898	Cross-site Scripting vulnerability in Bluecoral Chat Bubble The Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.3 due to insufficient input sanitization and output escaping. network low complexity bluecoral CWE-79	4.8
2024-02-28	CVE-2023-52226	Unspecified vulnerability in Bluecoral Advanced-Flamingo Cross-Site Request Forgery (CSRF) vulnerability in Advanced Flamingo.This issue affects Advanced Flamingo: from n/a through 1.0. network low complexity bluecoral	8.8
2023-12-18	CVE-2023-48769	Unspecified vulnerability in Bluecoral Chat Bubble Cross-Site Request Forgery (CSRF) vulnerability in Blue Coral Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back.This issue affects Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back: from n/a through 2.3. network low complexity bluecoral	8.8
2022-11-14	CVE-2022-3415	Cross-site Scripting vulnerability in Bluecoral Chat Bubble The Chat Bubble WordPress plugin before 2.3 does not sanitise and escape some contact parameters, which could allow unauthenticated attackers to set Stored Cross-Site Scripting payloads in them, which will trigger when an admin view the related contact message network low complexity bluecoral CWE-79	6.1

Vulnerabilities > Bluecoral {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Bluecoral"}]}