Vulnerabilities > Bluecoral > Chat Bubble > 2.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-14 | CVE-2022-3415 | Cross-site Scripting vulnerability in Bluecoral Chat Bubble 2.3 The Chat Bubble WordPress plugin before 2.3 does not sanitise and escape some contact parameters, which could allow unauthenticated attackers to set Stored Cross-Site Scripting payloads in them, which will trigger when an admin view the related contact message | 6.1 |