cleantalk
Vulnerabilities and Security Researches

Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss, CVE-2024-32802

CVE, Research URL

CVE-2024-32802

Home page URL

Security reports for Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss

Application

Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss

Published on
May 17, 2024
Research Description
Missing Authorization vulnerability in WordPlus BP Better Messages allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects BP Better Messages: from n/a through 2.4.32.
Affected versions
max 2.4.33.
Status
vulnerable
Previous vulnerability researches
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss (CVE-2024-13362) , May 02, 2026
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss (CVE-2025-14154) , Jan 10, 2026
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss (CVE-2024-13697) , Mar 03, 2025
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss (CVE-2024-13611) , Mar 03, 2025
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss (CVE-2021-24809) , Jun 06, 2024
New vulnerability
Login with phone number (CVE-2026-3655) , May 31, 2026
Spectra – WordPress Gutenberg Blocks (CVE-2026-7465) , May 31, 2026
Contact Form 7 – PayPal & Stripe Add-on (CVE-2026-9189) , May 30, 2026
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss (CVE-2026-42736) , May 30, 2026
Simple History – user activity log, audit tool (CVE-2026-7459) , May 30, 2026