[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fIeOr4gLEORBhUJVWJACJkPYsIqHC7Xsba4nc_WCyStE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":77,"crawl_stats":38,"alternatives":83,"analysis":180,"fingerprints":292},"rumbletalk-chat-a-chat-with-themes","RumbleTalk Live Group Chat – HTML5","6.3.9","RumbleTalk","https:\u002F\u002Fprofiles.wordpress.org\u002Frumbletalk\u002F","\u003Ch4>WordPress Group Chat Plugin\u003C\u002Fh4>\n\u003Cp>Live group chat plugin for WordPress. Integrate it into your website in minutes. Create one or multiple rooms effortlessly.\u003C\u002Fp>\n\u003Cp>We support 4 chat types:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Members-only group chat – Integrated with your user base.\u003C\u002Fli>\n\u003Cli>Queued chat – Admins approve every message.\u003C\u002Fli>\n\u003Cli>Social chat – Open chat room for online discussions.\u003C\u002Fli>\n\u003Cli>Experts chat – One-on-one chats (private chats).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>797,100 websites and online events are already using the \u003Ca href=\"https:\u002F\u002Frumbletalk.com\u002F\" rel=\"nofollow ugc\">RumbleTalk HTML Chat Platform\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>The chat platform is a hosted professional \u003Cstrong>chat room plugin\u003C\u002Fstrong> with a quick integration to your WordPress members’ user base.\u003Cbr \u002F>\nYou may add it to any type of website, blog, or real-time event.\u003C\u002Fp>\n\u003Cp>Unique features that can be set in the admin panel:\u003C\u002Fp>\n\u003Cp>1) Integrate your users base with one click – your website members will then auto-login to the chat.\u003Cbr \u002F>\n2) Moderated chat mode for live events – approve every message before showing it to all.\u003Cbr \u002F>\n3) Private video and audio calls for private one-on-one video discussions\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F70_zc1fvUtM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>The ideal plugin for members chat, live online events, Group chats, live community, radio shows, fans clubs, stocks & forex trading, hobbies, sports, group discussions…and much more\u003C\u002Fp>\n\u003Ch3>Plug-in Name\u003C\u002Fh3>\n\u003Cp>rumbletalk-chat-a-chat-with-themes\u003C\u002Fp>\n\u003Ch3>WHAT IS A LIVE GROUP CHAT FOR WORDPRESS?\u003C\u002Fh3>\n\u003Cp>RumbleTalk platform is easy to set group chat plugin for WordPress, buddypress and bbpress\u003Cbr \u002F>\n1) Members-only website\u003Cbr \u002F>\n2) Social website\u003Cbr \u002F>\n3) Live online event website\u003Cbr \u002F>\n4) Integrated into any platform using our REST API.\u003C\u002Fp>\n\u003Cp>Adding one or many rooms is a no-brainer with the RumbleTalk plugin. Add a chat widget to your website in two minutes.\u003C\u002Fp>\n\u003Ch4>BuddyPress & BBpress Integration\u003C\u002Fh4>\n\u003Cp>This group chat plugin supports automatic user base integration with WordPress, BuddyPress and BBpress.\u003C\u002Fp>\n\u003Ch3>Chat Features\u003C\u002Fh3>\n\u003Cpre>\n\nNEW - Pin messages, files and videos\n\n* Poll options in the chat\n* Bio Description can be added in the username (ex: display name+bio)\n* Admin count in plan summary added\n* Admin button is added for easy access\n\n* support for avatar integration with different members' plugins.\n* Integration with WordPress users base avatar\n* Mark text as bold, italic, strike and code.\n* Admin mode - mute all users.\n* New lines - now you can add more lines in each message\n* Font size - increase\u002Fdecrease the web-based font size\n* Private chat - prevents automatic private chat window popup   \n\n* support for more currencies\n* Paid access, bug fixes\n* Experts chat, allows you to advice in a private conversation (with or without payment)\n* Control what username will show in the chat\n* Keywords feature - automatic text highlights\n* login type: Register before logging in\n\n* Better Sound Control\n* History search options\n* Export chat history to CSV or HTML\n* Video chat messages, record 30-second video messages.\n* Mobile video calls (android)\n* Set Private chats with registered users\n* Spam Filter applied also for users name\n* Create additional rooms directly from the plugin\n* Open settings from the WordPress admin\n* Delete Archive messages directly from the chat\n* Increase Font Size in mobile\n\n* Full Screen In mobile mode\n* Admin user avatar\n* BuddyPress integration\n* Export Chat Transcript from the chat interface\n* Auto login with your own users-base users name (API)\n* IP info\n\n* Upload Images from your mobile device\n* Take photos from your mobile version\n* One on One VIDEO and Audio calls\n* Upload Docs, Excel, PowerPoint, PDF files\n* Upload Images from your own PC\n\n* Take pictures from your PC camera\n* Easily Embed a group chat in your site.\n* Chatroom Theme Library\n* Talk from Mobile and Tablet.\n* Login, Share and Invite\n* Private chat\n\n* SSL - new secure channel TLS1.2\n* Design your own chat theme.\n* Design your chat with css (for advanced users)\n* Manage more than one chat.\n* Spam filter (create a black listed words).\n* Disconnect Trolls.\n\n* Ban users by IP.\n* Define moderators and rolls.\n* Archive your chat, Save log of your chat history.\n* Chat in 30 languages.\n* Offline Mode\n* Delete single messages\n* Flood control\n* Control the side of the floating icon\n* Advanced dashboard for managing your chat rooms\n* Send audio and video messages\n* Set your own sound for different types of actions\n* In-Chat payment options\n\n\u003C\u002Fpre>\n\u003Cp>BuddyPress Chat Room Integration\u003Cbr \u002F>\nThese members chat plugin supports automatic integration with BuddyPress plugin.\u003C\u002Fp>\n\u003Ch3>Languages\u003C\u002Fh3>\n\u003Cpre>\nEnglish, Español, Bahasa Indonesia, Català, Czech, Dansk sprog\nDeutsch, Français, Italiano, Magyar, فارسی, Nederlands, Dutch, Polski\nPortuguês, Română, ภาษาไทย, Slovenčina, Suomi, Svenska, Tiếng Việt\nTürkçe, ελληνικά, Български, Македонски, Русский язык\nСрбски, Українська, עברית , عربي\n\u003C\u002Fpre>\n","Live group chat plugin for WordPress. Integrate it into your website in minutes. Create one or multiple rooms effortlessly.",800,206700,68,21,"2026-02-04T13:53:00.000Z","6.9.4","3.6","5.2.0",[20,21,22,23,24],"buddypress-chat","chat-room","community-chat","group-chat","members-chat","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frumbletalk-chat-a-chat-with-themes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frumbletalk-chat-a-chat-with-themes.6.3.9.zip",96,3,0,"2025-09-03 00:00:00","2026-03-15T15:16:48.613Z",[33,49,61],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-58626","rumbletalk-live-group-chat-authenticated-contributor-stored-cross-site-scripting","RumbleTalk Live Group Chat \u003C= 6.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting","The RumbleTalk Live Group Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 6.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=6.3.5","6.3.6","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-09-10 20:28:52",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F1ece669f-2e88-4c41-a566-5521424e9c69?source=api-prod",8,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":56,"updated_date":57,"references":58,"days_to_patch":60},"CVE-2024-8720","rumbletalk-live-group-chat-html5-authenticated-contributor-stored-cross-site-scripting","RumbleTalk Live Group Chat – HTML5 \u003C= 6.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting","The RumbleTalk Live Group Chat – HTML5 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rumbletalk-admin-button' shortcode in all versions up to, and including, 6.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=6.3.0","6.3.1","2024-09-30 00:00:00","2024-10-04 12:35:32",[59],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4e620ae8-03fc-43b5-8e8f-5b0884e8eefb?source=api-prod",5,{"id":62,"url_slug":63,"title":64,"description":65,"plugin_slug":4,"theme_slug":38,"affected_versions":66,"patched_in_version":67,"severity":68,"cvss_score":69,"cvss_vector":70,"vuln_type":71,"published_date":72,"updated_date":73,"references":74,"days_to_patch":76},"CVE-2023-45828","rumbletalk-live-group-chat-missing-authorization-via-handlerequest","RumbleTalk Live Group Chat \u003C= 6.1.9 - Missing Authorization via handleRequest","The RumbleTalk Live Group Chat plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on the handleRequest AJAX function in versions up to, and including, 6.1.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve or update tokens, create, update, refresh, and delete chats, and create accounts.","\u003C=6.1.9","6.2.0","high",7.6,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:H\u002FA:L","Missing Authorization","2023-10-13 00:00:00","2024-01-22 19:56:02",[75],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd9d6e168-a768-4062-9ef1-0be9d6c65c51?source=api-prod",102,{"slug":78,"display_name":7,"profile_url":8,"plugin_count":79,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":80,"trust_score":81,"computed_at":82},"rumbletalk",1,38,85,"2026-04-03T21:34:13.754Z",[84,105,127,146,161],{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":94,"num_ratings":79,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":98,"tags":99,"homepage":103,"download_link":104,"security_score":81,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"roomlio-group-chat","Roomlio – Group Chat","1.0.5","roomlio","https:\u002F\u002Fprofiles.wordpress.org\u002Froomlio\u002F","\u003Cp>Roomlio is an embeddable chat platform. It allows you to simply and quickly embed a chat room anywhere on your WordPress pages or posts. It differs from existing chat applications because it focuses on embedding group chat\u003Cbr \u002F>\nrooms in existing pages instead of sending your users off to a 3rd part chat application. You can think of it as offering\u003Cbr \u002F>\nembeddable “Twitch style” or “Youtube style” chat for your WordPress users and visitors. Although Roomlio focuses on embedding chat rooms inside of WordPress, it still provides an app\u003Cbr \u002F>\nfor admins and operators to manage all the embedded channels and chat with embedded users.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Keep your users on your site\u002Fdomain while chatting. Roomlio branding can be hidden for a seemless experience. Maintain your brand by not sending users to external chat applications.\u003C\u002Fli>\n\u003Cli>Automatically securely identify your logged in WordPress users. No separate login required. (If users are not logged in they will be identified based on geolocation)\u003C\u002Fli>\n\u003Cli>No code required. Our plugin lets you place chat room widgets where you want them in a user friendly way.\u003C\u002Fli>\n\u003Cli>Unlimited chat rooms. Create as many as you want, we don’t restrict that.\u003C\u002Fli>\n\u003Cli>Unlimited chat history\u003C\u002Fli>\n\u003Cli>Admin app. Manage all the rooms you create in one place using our dedicated Admin app (Works on all major operating systems, Windows, Mac, iOS and Android).\u003C\u002Fli>\n\u003Cli>Customize the appearance\u002Fsize of your rooms.\u003C\u002Fli>\n\u003Cli>Support for images\u002Fgifs.\u003C\u002Fli>\n\u003Cli>Offline mode. Allow visitors to leave an offline message (optionally forwarded to email) if your room is in offline mode.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more details, visit \u003Ca href=\"https:\u002F\u002Froomlio.com\" rel=\"nofollow ugc\">Roomlio\u003C\u002Fa> and talk to us!\u003C\u002Fp>\n\u003Cp>INFO: This plugin requires a paid plan from \u003Ca href=\"https:\u002F\u002Froomlio.com\" rel=\"nofollow ugc\">Roomlio\u003C\u002Fa> to work (14 day free trial offered w\u002Fo credit card).\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>Since Roomlio is a Software as a Service (SaaS) product, you will accept the Terms of Service and Privacy Policy at the time you signup for a Roomlio account. Here is a direct link to those below in case you want to take a look now.\u003Cbr \u002F>\n– https:\u002F\u002Froomlio.com\u002Flegal\u002Fterms\u002F\u003Cbr \u002F>\n– https:\u002F\u002Froomlio.com\u002Flegal\u002Fprivacy-policy\u002F\u003C\u002Fp>\n\u003Cp>Also, we believe your data belongs to you and we comply with GDPR. More info here https:\u002F\u002Froomlio.com\u002Flegal\u002Feu-privacy-summary\u002F\u003C\u002Fp>\n","Roomlio is a chat platform that allows you to embed a chat room anywhere in your existing Wordpress pages and posts.",10,4676,100,"2022-05-26T14:12:00.000Z","6.0.0","4.0","5.6.39",[100,21,101,23,102],"chat","embed-chat","rooms","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Froomlio-group-chat.1.0.5.zip",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":11,"downloaded":113,"rating":114,"num_ratings":60,"last_updated":115,"tested_up_to":16,"requires_at_least":116,"requires_php":117,"tags":118,"homepage":122,"download_link":123,"security_score":124,"vuln_count":125,"unpatched_count":79,"last_vuln_date":126,"fetched_at":31},"wpguppy-lite","One to one user Chat by WPGuppy","1.1.6","AmentoTech Private Limited","https:\u002F\u002Fprofiles.wordpress.org\u002Famentotechpvtltd\u002F","\u003Cp>WPGuppy is a well thought and clinically designed and developed WordPress chat plugin which has been engineered to fulfill the market needs. It is loaded with features without compromising on quality.\u003C\u002Fp>\n\u003Cp>WPGuppy is not just a simple WordPress chat plugin – it is a comprehensive chat solution entailing features that are hard to find in a single WordPress chat plugin.\u003C\u002Fp>\n\u003Cp>It is a comprehensive feature-rich WordPress chat plugin that not only provides numerous practical features for end-users but has been designed and developed keeping in mind the high-quality standards that subsequently provide the much-needed robustness and working performance in such plugins.\u003C\u002Fp>\n\u003Cp>This plugin prides itself on using its built-in database which means that it will be integrated within your WordPress site database and you get to keep complete control on how you manage your data etc.\u003C\u002Fp>\n\u003Cp>The team behind this plugin consists of experienced and professional software engineers and web designers who back this plugin with excellent customer support.\u003C\u002Fp>\n\u003Ch3>Enable PHP HTTP Authorization Header\u003C\u002Fh3>\n\u003Ch4>Shared Hosts\u003C\u002Fh4>\n\u003Cp>Most shared hosts have disabled the \u003Cstrong>HTTP Authorization Header\u003C\u002Fstrong> by default.\u003C\u002Fp>\n\u003Cp>To enable this option you’ll need to edit your \u003Cstrong>.htaccess\u003C\u002Fstrong> file by adding the following:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>RewriteEngine on\nRewriteCond %{HTTP:Authorization} ^(.*)\nRewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>WPEngine\u003C\u002Fh4>\n\u003Cp>To enable this option you’ll need to edit your \u003Cstrong>.htaccess\u003C\u002Fstrong> file by adding the following:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>SetEnvIf Authorization \"(.*)\" HTTP_AUTHORIZATION=$1\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>What’s new in WP Guppy Pro\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>** BudyPress & BudyBoss Integration **\u003C\u002Fli>\n\u003Cli>** Post base chat **\u003C\u002Fli>\n\u003Cli>** Start chat on the WooCommerce shop page **\u003C\u002Fli>\n\u003Cli>Emoji sharing\u003C\u002Fli>\n\u003Cli>** Voice note **\u003C\u002Fli>\n\u003Cli>** Group chat with friends **\u003C\u002Fli>\n\u003Cli>Create group\u003C\u002Fli>\n\u003Cli>Delete group\u003C\u002Fli>\n\u003Cli>Upload group avatar\u003C\u002Fli>\n\u003Cli>Leave group\u003C\u002Fli>\n\u003Cli>Share video files\u003C\u002Fli>\n\u003Cli>Share documents\u003C\u002Fli>\n\u003Cli>Share gallery or single images\u003C\u002Fli>\n\u003Cli>Send audio files\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hot:\u003C\u002Fstrong> Send current location with open street maps\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hot:\u003C\u002Fstrong> Reply to a message\u003C\u002Fli>\n\u003Cli>Delete a message from a chat\u003C\u002Fli>\n\u003Cli>Download attachments\u003C\u002Fli>\n\u003Cli>Real-time chat with pusher.com Channel API, Vue.js, and Vuex\u003C\u002Fli>\n\u003Cli>Real-time chat with node.js and socket.io. Your server should support node.js for this to activate the real-time experience\u003C\u002Fli>\n\u003Cli>All WordPress users listed by roles\u003C\u002Fli>\n\u003Cli>Media and attachment listing in the chat sidebar\u003C\u002Fli>\n\u003Cli>User profile management\u003C\u002Fli>\n\u003Cli>Reset the database with a single click from the back-end\u003C\u002Fli>\n\u003Cli>Settings for the default tab to activate\u003C\u002Fli>\n\u003Cli>Enable\u002Fdisable tabs for the user, chats, friends, blocked\u003C\u002Fli>\n\u003Cli>Dynamic color schemes\u003C\u002Fli>\n\u003Cli>Media extensions to upload settings\u003C\u002Fli>\n\u003Cli>Mute bell sound for notifications\u003C\u002Fli>\n\u003Cli>Report user via email\u003C\u002Fli>\n\u003Cli>All media attachments download from a conversation\u003C\u002Fli>\n\u003Cli>Clear conversation\u003C\u002Fli>\n\u003Cli>RTL support\u003C\u002Fli>\n\u003Cli>Much more features, \u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fwpguppy-a-live-chat-plugin-for-wordpress\u002F34619534\" rel=\"nofollow ugc\">click here to check all the features\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","WPGuppy is a well thought and clinically designed and developed WordPress chat plugin which has been engineered to fulfill the market needs.",23810,84,"2026-03-12T05:33:00.000Z","6.0","8.1",[100,23,119,120,121],"real-time-chat","user-to-user-chat","video-chat","https:\u002F\u002Fwp-guppy.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpguppy-lite.zip",57,6,"2026-02-13 18:16:35",{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":135,"downloaded":136,"rating":137,"num_ratings":125,"last_updated":138,"tested_up_to":16,"requires_at_least":139,"requires_php":103,"tags":140,"homepage":144,"download_link":145,"security_score":94,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"minnit-chat","Group chat for WordPress – Minnit Chat","4.1.4","minnitchat","https:\u002F\u002Fprofiles.wordpress.org\u002Fminnitchat\u002F","\u003Cp>Minnit Chat is an easy-to-use group chat service. You can appoint moderators to watch over your chat, customize the look and feel of your chat, and increase engagement by having your users be able to talk to one another in real time!\u003C\u002Fp>\n\u003Cp>Configure the chatroom to use Single Sign-On, and users who load the chat will automatically be logged in using their WordPress accounts. No need for additional sign-ups, onboarding, or any other steps — your users can get chatting right away!\u003C\u002Fp>\n\u003Cp>Many other features can be enabled or disabled, including support for sending GIFs, uploading files, direct messaging between users, and more.\u003C\u002Fp>\n\u003Cp>Get started in minutes and get chatting with Minnit!\u003C\u002Fp>\n","Cloud-based chat using your WordPress accounts. Minnit uses SSO to allow you and your WordPress users to communicate with one another.",600,35685,90,"2026-03-11T23:32:00.000Z","3.4",[100,141,142,143,23],"chat-group","chatbox","chatroom","https:\u002F\u002Fminnit.chat","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fminnit-chat.zip",{"slug":21,"name":147,"version":148,"author":149,"author_profile":150,"description":151,"short_description":152,"active_installs":94,"downloaded":153,"rating":114,"num_ratings":154,"last_updated":155,"tested_up_to":156,"requires_at_least":157,"requires_php":103,"tags":158,"homepage":159,"download_link":160,"security_score":81,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"Chat Room","0.1.3","webdevstudios","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebdevstudios\u002F","\u003Cp>The Chat Room plugin allows administrators to easily create chat rooms for their users to participate in. Chat rooms are created via the WordPress administrative interface. After creation, users can access it via the permalink for the chat room.\u003C\u002Fp>\n\u003Cp>The plugin currently will only support servers that have direct PHP filesystem access, which may not be available on all hosting environments.\u003C\u002Fp>\n\u003Cp>All official development on this plugin is on GitHub. Version bumps will still be published here on WordPress.org. You can find the repo at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWebDevStudios\u002FChat-Room\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002FWebDevStudios\u002FChat-Room\u003C\u002Fa>. Please file issues, bugs, and enhancement ideas there, when possible.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpluginize.com\u002F?utm_source=chat-room&utm_medium=text&utm_campaign=wporg\" rel=\"nofollow ugc\">Pluginize\u003C\u002Fa> was launched in 2016 by \u003Ca href=\"https:\u002F\u002Fwebdevstudios.com\u002F\" rel=\"nofollow ugc\">WebDevStudios\u003C\u002Fa> to promote, support, and house all of their \u003Ca href=\"https:\u002F\u002Fpluginize.com\u002Fshop\u002F?utm_source=chat-room&utm_medium=text&utm_campaign=wporg\" rel=\"nofollow ugc\">WordPress products\u003C\u002Fa>. Pluginize is not only creating new products for WordPress all the time, but also provides \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcustom-post-type-ui\u002F\" rel=\"ugc\">ongoing support and development for WordPress community favorites like CPTUI\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcmb2\u002F\" rel=\"ugc\">CMB2\u003C\u002Fa>, and more.\u003C\u002Fp>\n","Create chat rooms on your site for users to participate in.",49660,13,"2017-03-11T03:54:00.000Z","4.7.32","3.3",[21],"http:\u002F\u002Fwebdevstudios.com\u002Fsupport\u002Fwordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchat-room.zip",{"slug":162,"name":163,"version":87,"author":164,"author_profile":165,"description":166,"short_description":167,"active_installs":92,"downloaded":168,"rating":94,"num_ratings":79,"last_updated":169,"tested_up_to":170,"requires_at_least":171,"requires_php":103,"tags":172,"homepage":176,"download_link":177,"security_score":178,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":179},"arena-group-chat-for-real-time-engagement","Arena – Group Chat for Real-Time Engagement","Arena.IM","https:\u002F\u002Fprofiles.wordpress.org\u002Farenaim\u002F","\u003Cp>Arena Group Chat is the ultimate tool for driving user engagement in real-time.\u003C\u002Fp>\n\u003Cp>Whether hosting live events or maintaining ongoing community interactions, Group Chat helps transform your audience from passive viewers into active participants. It seamlessly integrates with your website, offering advanced customization and analytics to enhance engagement and business growth.\u003C\u002Fp>\n\u003Cp>Key Features of Arena Group Chat:\u003Cbr \u002F>\n– Real-time group messaging for events and communities\u003Cbr \u002F>\n– Polls, Q&As, and interactive features for enhanced user participation\u003Cbr \u002F>\n– Customizable layouts to match your brand’s identity\u003Cbr \u002F>\n– Responsive design optimized for both desktop and mobile\u003Cbr \u002F>\n– Easy to integrate with a free Arena account\u003Cbr \u002F>\n– GDPR compliance with a focus on privacy and first-party data collection\u003Cbr \u002F>\n– Powerful analytics to track engagement and impact\u003Cbr \u002F>\n– Integration with Arena’s other products like Live Blog and Arena Community\u003Cbr \u002F>\n– Scalable to support major events with millions of users\u003C\u002Fp>\n\u003Cp>Group Chat helps to keep your audience engaged by offering dynamic, interactive experiences that encourage participation and increase time spent on your site.\u003C\u002Fp>\n\u003Ch3>Third-Party Services\u003C\u002Fh3>\n\u003Cp>This plugin utilizes the Arena.im API (https:\u002F\u002Fapi.arena.im\u002Fv3) to provide chat functionality. The plugin communicates with Arena.im servers for the following purposes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Authentication (\u002Foauth\u002Ftokens)\u003C\u002Fli>\n\u003Cli>Retrieving organization information (\u002Forganizations)\u003C\u002Fli>\n\u003Cli>Fetching site details (\u002Forganizations\u002F{organization_id}\u002Fsites)\u003C\u002Fli>\n\u003Cli>Managing chat instances (\u002Fsites\u002F{site_id}\u002Fchats)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Data Transmission\u003C\u002Fh3>\n\u003Cp>When you use this plugin, it sends requests to the Arena.im API. This may include:\u003Cbr \u002F>\n– Authentication tokens\u003Cbr \u002F>\n– Organization and site IDs\u003Cbr \u002F>\n– Chat-related data\u003C\u002Fp>\n\u003Cp>No personal user data is sent to Arena.im servers unless explicitly input by users in chat messages.\u003C\u002Fp>\n\u003Ch3>More Information\u003C\u002Fh3>\n\u003Cp>For more information about Arena.im and their services, please visit their website: https:\u002F\u002Farena.im\u003C\u002Fp>\n\u003Cp>By using this plugin, you agree to Arena.im’s Terms of Service and Privacy Policy:\u003Cbr \u002F>\n– Terms of Service: https:\u002F\u002Farena.im\u002Fterms-of-service\u002F\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Farena.im\u002Fprivacy-policy\u002F\u003C\u002Fp>\n\u003Cp>It is your responsibility to ensure that your use of this plugin and the Arena.im service complies with all applicable laws and regulations, including data protection laws in your jurisdiction.\u003C\u002Fp>\n\u003Ch3>Arena Group Chat – Support\u003C\u002Fh3>\n\u003Cp>For additional setup and usage guidance, visit Arena’s Help Center.\u003C\u002Fp>\n\u003Ch3>Website\u003C\u002Fh3>\n\u003Cp>Find more details at Arena.im.\u003C\u002Fp>\n\u003Ch3>Contact Us\u003C\u002Fh3>\n\u003Cp>Need help? Chat with us at app.arena.im, and our team will respond within hours.\u003C\u002Fp>\n","Arena Group Chat enhances user engagement with real-time messaging for live events and communities, boosting interaction across web and mobile.",1173,"2024-10-31T19:33:00.000Z","6.6.5","3.6.1",[100,173,23,174,175],"community","live-chat","real-time","https:\u002F\u002Farena.im\u002Fgroup-chat","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Farena-group-chat-for-real-time-engagement.1.0.5.zip",92,"2026-03-15T14:54:45.397Z",{"attackSurface":181,"codeSignals":232,"taintFlows":248,"riskAssessment":278,"analyzedAt":291},{"hooks":182,"ajaxHandlers":217,"restRoutes":223,"shortcodes":224,"cronEvents":231,"entryPointCount":28,"unprotectedCount":79},[183,189,193,198,202,207,212],{"type":184,"name":185,"callback":186,"file":187,"line":188},"action","admin_init","adminInit","admin\\class-rumbletalk-admin.php",58,{"type":184,"name":190,"callback":191,"file":187,"line":192},"admin_menu","adminMenu",59,{"type":194,"name":195,"callback":196,"file":187,"line":197},"filter","mce_buttons","registerTinyMceButton",109,{"type":194,"name":199,"callback":200,"file":187,"line":201},"mce_external_plugins","addTinyMceButton",110,{"type":184,"name":203,"callback":204,"file":205,"line":206},"plugins_loaded","load_plugin_textdomain","includes\\class-rumbletalk.php",141,{"type":184,"name":208,"callback":209,"file":210,"line":211},"wp_head","hook_javascript","public\\class-rumbletalk-public.php",60,{"type":194,"name":213,"callback":214,"priority":92,"file":215,"line":216},"plugin_action_links","rumbletalk_settings_link","rumbletalk.php",41,[218],{"action":219,"nopriv":220,"callback":221,"hasNonce":220,"hasCapCheck":220,"file":187,"line":222},"rumbletalk_ajax",false,"handleRequest",61,[],[225,228],{"tag":226,"callback":227,"file":210,"line":188},"rumbletalk-chat","embed",{"tag":229,"callback":230,"file":210,"line":192},"rumbletalk-admin-button","adminButton",[],{"dangerousFunctions":233,"sqlUsage":234,"outputEscaping":236,"fileOperations":29,"externalRequests":79,"nonceChecks":79,"capabilityChecks":243,"bundledLibraries":244},[],{"prepared":29,"raw":29,"locations":235},[],{"escaped":237,"rawEcho":79,"locations":238},30,[239],{"file":240,"line":241,"context":242},"admin\\ajax-rumbletalk-admin.php",178,"raw output",4,[245],{"name":246,"version":38,"knownCves":247},"TinyMCE",[],[249],{"entryPoint":250,"graph":251,"unsanitizedCount":243,"severity":41},"\u003Cajax-rumbletalk-admin> (admin\\ajax-rumbletalk-admin.php:0)",{"nodes":252,"edges":273},[253,258,263,267,271],{"id":254,"type":255,"label":256,"file":240,"line":257},"n0","source","$_POST",83,{"id":259,"type":260,"label":261,"file":240,"line":241,"wp_function":262},"n1","sink","echo() [XSS]","echo",{"id":264,"type":255,"label":265,"file":240,"line":266},"n2","$_POST (x4)",298,{"id":268,"type":269,"label":270,"file":240,"line":266},"n3","transform","→ response()",{"id":272,"type":260,"label":261,"file":240,"line":241,"wp_function":262},"n4",[274,276,277],{"from":254,"to":259,"sanitized":275},true,{"from":264,"to":268,"sanitized":220},{"from":268,"to":272,"sanitized":220},{"summary":279,"deductions":280},"The plugin \"rumbletalk-chat-a-chat-with-themes\" v6.3.9 presents a mixed security posture. On the positive side, it demonstrates good practices with 100% of its SQL queries utilizing prepared statements and a very high rate of output escaping (97%). It also includes nonce checks and capability checks, indicating an awareness of common WordPress security measures.\n\nHowever, significant concerns arise from the attack surface analysis, particularly the presence of one AJAX handler without authentication checks. This represents a direct entry point that could be exploited by unauthenticated users. The taint analysis also flagged one flow with unsanitized paths, although it was not categorized as critical or high severity, it still warrants attention as it could potentially lead to unexpected behavior or vulnerabilities if not handled properly.\n\nThe vulnerability history, with a total of 3 known CVEs (1 high, 2 medium), is a notable weakness. While there are currently no unpatched vulnerabilities, the pattern of past vulnerabilities, specifically mentioning Cross-site Scripting and Missing Authorization, suggests recurring security weaknesses that have required external patching. This history, combined with the identified unprotected entry point, indicates a need for more robust security development and testing practices.",[281,284,286,289],{"reason":282,"points":283},"AJAX handler without auth checks",7,{"reason":285,"points":60},"Flows with unsanitized paths",{"reason":287,"points":288},"History of 1 High severity CVE",18,{"reason":290,"points":92},"History of 2 Medium severity CVEs","2026-03-16T19:17:23.149Z",{"wat":293,"direct":302},{"assetPaths":294,"generatorPatterns":297,"scriptPaths":298,"versionParams":299},[295,296],"\u002Fwp-content\u002Fplugins\u002Frumbletalk-chat-a-chat-with-themes\u002Fadmin\u002Fjs\u002Fadd-mce-buttons.js","\u002Fwp-content\u002Fplugins\u002Frumbletalk-chat-a-chat-with-themes\u002Fadmin\u002Fjs\u002Frumbletalk-admin.js",[],[296],[300,301],"rumbletalk-chat-a-chat-with-themes\u002Fadmin\u002Fjs\u002Frumbletalk-admin.js?ver=","rumbletalk-chat-a-chat-with-themes\u002Fadmin\u002Fjs\u002Fadd-mce-buttons.js?ver=",{"cssClasses":303,"htmlComments":304,"htmlAttributes":305,"restEndpoints":307,"jsGlobals":308,"shortcodeOutput":310},[],[],[306],"button_rumbletalk_chat",[],[309],"_resources",[]]