WordPress Autochat Automatic Conversation plugin unauthorized data modification vulnerability

WordPress Autochat Automatic Conversation plugin is an automated chat plugin designed for WordPress, which is mainly used to automate the communication between website visitors and merchants. WordPress Autochat Automatic Conversation plugin suffers from an unauthorized data modification...

CVE-2025-12043

The Autochat Automatic Conversation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxnoprivauychtsaveCid' AJAX endpoint in all versions up to, and including, 1.1.9. This makes it possible for unauthenticated attackers to conne...

CVE-2025-12043

The Autochat Automatic Conversation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxnoprivauychtsaveCid' AJAX endpoint in all versions up to, and including, 1.1.9. This makes it possible for unauthenticated attackers to conne...

EUVD-2025-199584

The Autochat Automatic Conversation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxnoprivauychtsaveCid' AJAX endpoint in all versions up to, and including, 1.1.9. This makes it possible for unauthenticated attackers to conne...

CVE-2025-12043 Autochat Automatic Conversation <= 1.1.9 - Missing Authorization to Unauthenticated Settings Update

The Autochat Automatic Conversation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxnoprivauychtsaveCid' AJAX endpoint in all versions up to, and including, 1.1.9. This makes it possible for unauthenticated attackers to conne...

CVE-2025-12043

CVE-2025-12043 concerns Autochat Automatic Conversation (WordPress) up to version 1.1.9. The Wordfence vulnerability report confirms a missing capability check on the WP AJAX endpoint wp_ajax_nopriv_auycht_saveCid, enabling unauthenticated attackers to connect and disconnect the client ID, i.e., ...

WordPress Autochat Automatic Conversation plugin <= 1.1.9 - Missing Authorization to Unauthenticated Settings Update vulnerability

Missing Authorization to Unauthenticated Settings Update vulnerability discovered by Legion Hunter in WordPress Plugin Autochat Automatic Conversation versions = 1.1.9...

WordPress plugin Autochat Automatic Conversation 安全漏洞

WordPress Autochat Automatic Conversation plugin is an automated chat plugin designed for WordPress, which is mainly used to automate the communication between website visitors and merchants. WordPress Autochat Automatic Conversation plugin suffers from an unauthorized data modification...

PT-2025-47997

The Autochat Automatic Conversation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp ajax nopriv auycht saveCid' AJAX endpoint in all versions up to, and including, 1.1.9. This makes it possible for unauthenticated attackers to...

EUVD-2023-43733

Malicious code in bioql PyPI...

CVE-2023-3041

The Autochat Automatic Conversation WordPress plugin through 1.1.7 does not sanitise and escape user input before outputting it back on the page, leading to a cross-site Scripting attack...

CVE-2023-3041

The Autochat Automatic Conversation WordPress plugin through 1.1.7 does not sanitise and escape user input before outputting it back on the page, leading to a cross-site Scripting attack...

Cross site scripting

The Autochat Automatic Conversation WordPress plugin through 1.1.7 does not sanitise and escape user input before outputting it back on the page, leading to a cross-site Scripting attack...

CVE-2023-3041 Autochat <= 1.1.7- Unauthenticated Stored XSS

The Autochat Automatic Conversation WordPress plugin through 1.1.7 does not sanitise and escape user input before outputting it back on the page, leading to a cross-site Scripting attack...

CVE-2023-3041

CVE-2023-3041 concerns the Autochat Automatic Conversation WordPress plugin (versions

CVE-2023-3041 Autochat <= 1.1.7- Unauthenticated Stored XSS

The Autochat Automatic Conversation WordPress plugin through 1.1.7 does not sanitise and escape user input before outputting it back on the page, leading to a cross-site Scripting attack...

WordPress plugin Autochat 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

WordPress Autochat Automatic Conversation Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)

Software Autochat Automatic Conversation Type Plugin Vulnerable versions = 1.1.7 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3041 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 29d0f8361ae6 Credits Rafael B...