The Chat Bubble WordPress plugin prior to 2.3 does not sanitise and escape some contact parameters, which could allow unauthenticated malicious users to set Stored Cross-Site Scripting payloads in them, which will trigger when an admin view the related contact message
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bluecoral chat bubble |