CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

111 matches found

Vulnrichment•added 2026/06/15 8:18 p.m.•5 views

CVE-2026-40788 WordPress ChatBot plugin <= 7.9.7 - Broken Access Control vulnerability

Subscriber Broken Access Control in ChatBot = 7.9.7 versions...

7.1CVSS5.1AI score0.00307EPSS

Exploits0References1

CVE•added 2026/06/15 8:18 p.m.•8 views

CVE-2026-40788

CVE-2026-40788 affects WordPress ChatBot plugin versions

7.1CVSS5.1AI score0.00307EPSS

Exploits0References1

Cvelist•added 2026/05/20 5:31 a.m.•39 views

CVE-2026-2955 AI Chatbot & Workflow Automation by AIWU <= 1.4.14 - Unauthenticated Stored Cross-Site Scripting via 'X-Forwarded-For' Header

The AI Chatbot & Workflow Automation by AIWU plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'X-Forwarded-For' header in versions up to, and including, 1.4.14 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers...

6.4CVSS0.00223EPSS

Exploits0References2

Cvelist•added 2026/03/25 4:15 p.m.•24 views

CVE-2026-32499 WordPress ChatBot plugin <= 7.7.9 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in QuantumCloud ChatBot chatbot allows Blind SQL Injection.This issue affects ChatBot: from n/a through = 7.7.9...

9.3CVSS0.00283EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:15 p.m.•2 views

CVE-2026-32499 WordPress ChatBot plugin <= 7.7.9 - SQL Injection vulnerability

9.3CVSS5.9AI score0.00283EPSS

Exploits0References1

Patchstack•added 2026/03/20 5:36 p.m.•2 views

WordPress ChatBot plugin <= 7.7.9 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin ChatBot versions = 7.7.9...

9.3CVSS5.9AI score0.00283EPSS

Exploits0Affected Software1

CNNVD•added 2026/03/03 12:0 a.m.•6 views

WordPress plugin AI ChatBot with ChatGPT and Content Generator by AYS 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00319EPSS

Exploits0References3

Patchstack•added 2026/02/03 3:18 p.m.•5 views

WordPress AI ChatBot plugin <= 5.3.4 - Missing Authorization via openai_file_delete_callback vulnerability

Missing Authorization via openaifiledeletecallback vulnerability discovered by Francesco Carlucci in WordPress Plugin ChatBot versions = 5.3.4...

7.7CVSS5.3AI score0.00363EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/02/03 3:17 p.m.•5 views

WordPress AI ChatBot plugin <= 5.3.4 - Missing Authorization via openai_file_list_callback vulnerability

Missing Authorization via openaifilelistcallback vulnerability discovered by Francesco Carlucci in WordPress Plugin ChatBot versions = 5.3.4...

5CVSS5.3AI score0.00383EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/11/27 11:30 a.m.•6 views

WordPress AI ChatBot with ChatGPT and Content Generator by AYS plugin <= 2.7.0 - Unauthenticated Server-Side Request Forgery via 'pinecone_url' Parameter vulnerability

Unauthenticated Server-Side Request Forgery via 'pineconeurl' Parameter vulnerability discovered by blue0x1 in WordPress Plugin AI ChatBot with ChatGPT and Content Generator by AYS versions = 2.7.0...

6.5CVSS7.1AI score0.0024EPSS

Exploits0References1Affected Software1

CNVD•added 2025/11/18 12:0 a.m.•2 views

WordPress ChatBot plugin missing authorization vulnerability

WordPress ChatBot plugin is a tool that provides live chat and AI chatbot functionality for WordPress websites, helping users to instantly communicate with visitors, increase customer satisfaction and optimize sales conversions. WordPress ChatBot plugin suffers from a lack of authorization...

5.3CVSS6.8AI score0.00234EPSS

Exploits0References1

Cvelist•added 2025/11/13 9:24 a.m.•7 views

CVE-2025-64277 WordPress ChatBot plugin <= 7.3.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through = 7.3.9...

5.3CVSS0.00234EPSS

Exploits0References1

CNNVD•added 2025/11/13 12:0 a.m.•2 views

WordPress plugin ChatBot 安全漏洞

5.3CVSS6.5AI score0.00234EPSS

Exploits0References1

CVE•added 2025/10/27 1:34 a.m.•13 views

CVE-2025-62952

CVE-2025-62952 is a Missing Authorization/Broken Access Control vulnerability in WordPress ChatBot plugin (versions up to and including 7.7.3). Public sources (NVD/Red Hat/EUVD/CVE list) describe an access-control bypass that could allow an attacker to exploit improper access controls. The assign...

4.3CVSS5.9AI score0.00197EPSS

Exploits0References1

CNNVD•added 2025/10/27 12:0 a.m.•3 views

WordPress plugin ChatBot 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

4.3CVSS6.5AI score0.00197EPSS

Exploits0References1