CVE-2026-41266

Flowise CVE-2026-41266 affects Flowise (drag-and-drop LLM workflow UI). Before version 3.1.0, GET/unauthenticated access to /api/v1/public-chatbotConfig/:id exposes sensitive data (API keys, HTTP Authorization headers, and internal configuration) without authentication. An attacker who only knows...

AI ChatBot with ChatGPT by AYS <= 2.6.6 - Unauthenticated API Key Exposure

AYS AI ChatBot with ChatGPT and Content Generator = 2.6.6 contains an insertion of sensitive information into sent data vulnerability caused by improper handling of embedded sensitive data, letting attackers retrieve sensitive information, exploit requires crafted input. id: CVE-2025-62039 info:...

PT-2026-28013

Name of the Vulnerable Software and Affected Versions QuantumCloud ChatBot versions through 7.7.9 Description A flaw exists in QuantumCloud ChatBot that allows for Blind SQL Injection due to improper neutralization of special elements used in an SQL command. This issue could potentially allow an...

Malicious code in @emerald-react/chat-bot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d0a6cbe19a31d336779d3e0975557852cb92372627904ed87950dfe35b67410 The package @emerald-react/chat-bot was found to contain malicious code...

MAL-2026-1602 Malicious code in @emerald-react/chat-bot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d0a6cbe19a31d336779d3e0975557852cb92372627904ed87950dfe35b67410 The package @emerald-react/chat-bot was found to contain malicious code...

WordPress AI ChatBot with ChatGPT and Content Generator by AYS plugin <= 2.7.5 - Missing Authorization to Unauthenticated API Key Modification vulnerability

Missing Authorization to Unauthenticated API Key Modification vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin AI ChatBot with ChatGPT and Content Generator by AYS versions = 2.7.5...

CVE-2026-25338

Missing Authorization vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through = 2.7.4...

CVE-2026-25338 WordPress AI ChatBot with ChatGPT and Content Generator by AYS plugin <= 2.7.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through = 2.7.4...

CVE-2026-25338

CVE-2026-25338 concerns the WordPress plugin AI ChatBot with ChatGPT and Content Generator by AYS (versions through 2.7.4). Connected sources describe a Broken Access Control / Missing Authorization issue caused by misconfigured access control security levels, potentially enabling unauthorized ac...

CVE-2026-25338 WordPress AI ChatBot with ChatGPT and Content Generator by AYS plugin <= 2.7.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through = 2.7.4...

PT-2026-20705

Name of the Vulnerable Software and Affected Versions Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS versions through 2.7.4 Description An authorization issue exists in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant, stemming from incorrectly...

WordPress AI ChatBot with ChatGPT and Content Generator by AYS plugin <= 2.7.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by w41bu1 in WordPress Plugin AI ChatBot with ChatGPT and Content Generator by AYS versions = 2.7.4...

CVE-2025-13381

CVE-2025-13381 (AYS & WordPress) Vulnerability exists in the AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress due to a missing capability check in the ays_chatgpt_save_wp_media function through version 2.7.0, enabling unauthenticated users to upload media files. Wordfence...

WordPress AI ChatBot with ChatGPT and Content Generator by AYS plugin <= 2.7.0 - Missing Authorization to Unauthenticated Media File Uploads vulnerability

Missing Authorization to Unauthenticated Media File Uploads vulnerability discovered by blue0x1 in WordPress Plugin AI ChatBot with ChatGPT and Content Generator by AYS versions = 2.7.0...

WordPress plugin AI ChatBot with ChatGPT and Content Generator by AYS 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

WordPress ArtiBot Free Chat Bot for WebSites plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress ArtiBot Free Chat Bot for WebSites plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and...

WordPress plugin ArtiBot Free Chat Bot for WebSites 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress ArtiBot Free Chat Bot for WebSites plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and...

PT-2025-45306

Insertion of Sensitive Information Into Sent Data vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Retrieve Embedded Sensitive Data.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through = 2.6.6...

CVE-2025-62952

Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through = 7.7.3...

PT-2025-43827

Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through = 7.3.0...