cleantalk
Vulnerabilities and Security Researches

Telegram Bot & Channel, CVE-2023-34006

CVE, Research URL

CVE-2023-34006

Home page URL

Security reports for Telegram Bot & Channel

Application

Telegram Bot & Channel

Published on
Jun 22, 2023
Research Description
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Milesi Telegram Bot & Channel plugin <= 3.6.2 versions.
Affected versions
max 3.6.3.
Status
vulnerable
Previous vulnerability researches
Telegram Bot &amp; Channel (CVE-2023-34006) , Jun 06, 2024
Telegram Bot &amp; Channel (CVE-2024-38789) , Jul 24, 2024
Telegram Bot &amp; Channel (CVE-2025-13068) , Dec 11, 2025
New vulnerability
GitHub Gist Shortcode Plugin (CVE-2025-12667) , Dec 12, 2025
Cryptocurrency Payment Gateway for WooCommerce (CVE-2025-12392) , Dec 12, 2025
Wbcom Designs &#8211; Private Community for BuddyPress (CVE-2025-67582) , Dec 12, 2025
WP-Walla (CVE-2025-12589) , Dec 12, 2025
Master Addons for Elementor (CVE-2025-63055) , Dec 12, 2025