cleantalk
Vulnerabilities and Security Researches

Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss, CVE-2023-49168

CVE, Research URL

CVE-2023-49168

Home page URL

Security reports for Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss

Application

Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss

Published on
Dec 14, 2023
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordPlus Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss allows Stored XSS.This issue affects Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss: from n/a through 2.4.0.
Affected versions
max 2.4.1.
Status
vulnerable
Previous vulnerability researches
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss (CVE-2024-13362) , May 02, 2026
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss (CVE-2025-14154) , Jan 10, 2026
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss (CVE-2024-13697) , Mar 03, 2025
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss (CVE-2024-13611) , Mar 03, 2025
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss (CVE-2021-24809) , Jun 06, 2024
New vulnerability
Login with phone number (CVE-2026-3655) , May 31, 2026
Spectra – WordPress Gutenberg Blocks (CVE-2026-7465) , May 31, 2026
Contact Form 7 – PayPal & Stripe Add-on (CVE-2026-9189) , May 30, 2026
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss (CVE-2026-42736) , May 30, 2026
Simple History – user activity log, audit tool (CVE-2026-7459) , May 30, 2026