CVE-2023-5241

2023-10-1905:34:10

Wordfence

www.cve.org

ai chatbot

wordpress

directory traversal

vulnerability

dos

cve-2023-5241

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.9%

JSON

The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcld_openai_upload_pagetraining_file function. This allows subscriber-level attackers to append “<?php” to any existing file on the server resulting in potential DoS when appended to critical files such as wp-config.php.

CNA Affected

[
  {
    "vendor": "quantumcloud",
    "product": "AI ChatBot",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "4.8.9",
        "versionType": "semver"
      },
      {
        "version": "4.9.1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

packetstormsecurity.com/files/175371/WordPress-AI-ChatBot-4.8.9-SQL-Injection-Traversal-File-Deletion.html

plugins.trac.wordpress.org/browser/chatbot/trunk/includes/openai/qcld-bot-openai.php#L376

plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2977505%40chatbot%2Ftrunk&old=2967435%40chatbot%2Ftrunk&sfp_email=&sfph_mail=

www.wordfence.com/threat-intel/vulnerabilities/id/25199281-5286-4d75-8d27-26ce215e0993?source=cve