CVE-2023-5241

creationtimestamp| type| source ---|---|--- 2023-10-20 07:34:54+00:00| seen| https://t.me/cibsecurity/72637 2025-06-12 15:34:17+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18193...

CVE-2023-5646

Rejected reason: REJECT DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-5241. Reason: This record is a reservation duplicate of CVE-2023-5241. Notes: All CVE users should reference CVE-2023-5241 instead of this record. All references and descriptions in this record have been removed to prevent...

CVE-2023-5241

CVE-2023-5241 affects the WordPress AI ChatBot plugin. It is a Directory Traversal via the function qcld_openai_upload_pagetraining_file , enabling subscriber‑level attackers to append PHP code to existing server files (e.g., wp-config.php), with potential DoS. Affected versions are up to 4.8.9 a...

CVE-2023-5241

The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcldopenaiuploadpagetrainingfile function. This allows subscriber-level attackers to append "?php" to any existing file on the server resulting in potential DoS when...

CVE-2023-5241 AI ChatBot <= 4.8.9 and 4.9.2 - Authenticated (Subscriber+) Directory Traversal to Arbitrary File Write via qcld_openai_upload_pagetraining_file

The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcldopenaiuploadpagetrainingfile function. This allows subscriber-level attackers to append "?php" to any existing file on the server resulting in potential DoS when...

WordPress ChatBot Plugin <= 4.8.9 is vulnerable to Path Traversal

Software ChatBot Type Plugin Vulnerable versions = 4.8.9 Fixed in 4.9.1 OWASP Top 10 A3: Injection Classification Path Traversal CVE CVE-2023-5241 Patch priority High CVSS severity High 9.6 Developer Claim ownership PSID 066f9b5875d8 Credits Marco Wotschka Required privilege Subscriber Published ...