cleantalk
Vulnerabilities and Security Researches

Collect.chat – Chatbot ⚡️, CVE-2024-6498

CVE, Research URL

CVE-2024-6498

Home page URL

Security reports for Collect.chat – Chatbot ⚡️

Application

Collect.chat – Chatbot ⚡️

Published on
Aug 05, 2024
Research Description
The Chatbot for WordPress by Collect.chat ⚡️ WordPress plugin before 2.4.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
Affected versions
max 2.4.4.
Status
vulnerable
Previous vulnerability researches
Collect.chat – Chatbot ⚡️ (CVE-2026-0736) , Apr 15, 2026
Collect.chat – Chatbot ⚡️ (CVE-2024-30436) , Jun 07, 2024
Collect.chat – Chatbot ⚡️ (CVE-2023-5691) , Jun 07, 2024
Collect.chat – Chatbot ⚡️ (CVE-2024-6498) , Aug 07, 2024
New vulnerability
xmlrpc attacks blocker (CVE-2026-2502) , Apr 16, 2026
Templately – Gutenberg & Elementor Template Library: 5000+ Free & Pro Ready Templates & Cloud! (CVE-2026-0831) , Apr 16, 2026
iRobots.txt SEO (CVE-2025-68840) , Apr 16, 2026
Tune Library (CVE-2026-1401) , Apr 16, 2026
Taskbuilder – WordPress Project & Task Management plugin (CVE-2026-2289) , Apr 16, 2026