cleantalk
Vulnerabilities and Security Researches

RumbleTalk Live Group Chat – HTML5, 926d1229c47934b08e71c0bbf27c2df406a983a3

CVE, Research URL

926d1229c47934b08e71c0bbf27c2df406a983a3

Home page URL

Security reports for RumbleTalk Live Group Chat – HTML5

Application

RumbleTalk Live Group Chat – HTML5

Published on
Oct 13, 2023
Research Description
RumbleTalk Live Group Chat &#8211; HTML5 [rumbletalk-chat-a-chat-with-themes] < 6.2.0 WordPress RumbleTalk Live Group Chat Plugin <= 6.1.9 is vulnerable to Broken Access Control No patched version is available. Mika discovered and reported this Broken Access Control vulnerability in WordPress RumbleTalk Live Group Chat Plugin. A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user to executing a certain higher privileged action. This vulnerability has not been known to be fixed yet.
Affected versions
Min -, max 6.2.0.
Status
vulnerable
Previous vulnerability researches
RumbleTalk Live Group Chat &#8211; HTML5 (CVE-2024-8720) , Oct 01, 2024
RumbleTalk Live Group Chat &#8211; HTML5 (926d1229c47934b08e71c0bbf27c2df406a983a3) , Jun 07, 2024
RumbleTalk Live Group Chat &#8211; HTML5 (CVE-2025-58626) , Sep 05, 2025
RumbleTalk Live Group Chat &#8211; HTML5 (CVE-2023-45828) , Jun 10, 2024
New vulnerability
Redis Object Cache , Sep 17, 2025
Zakra (CVE-2025-8595) , Sep 15, 2025
PDF Embedder , Sep 11, 2025
Pixeline&#039;s Email Protector (CVE-2025-58982) , Sep 11, 2025
Include Me (CVE-2025-58983) , Sep 11, 2025