CVE-2023-23981

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in QuantumCloud Conversational Forms for ChatBot plugin = 1.1.6 versions...

CVE-2023-5534

The AI ChatBot plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.8.9 and 4.9.2. This is due to missing or incorrect nonce validation on the corresponding functions. This makes it possible for unauthenticated attackers to invoke those functions vi...

CVE-2023-51409

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 1.9.98...

CVE-2023-32581

Missing Authorization vulnerability in MobileMonkey WP-Chatbot for Messenger allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Chatbot for Messenger: from n/a through 4.7...

CVE-2022-31966

ChatBot App with Suggestion v1.0 is vulnerable to Delete any file via /simplechatbot/classes/Master.php?f=deleteimg...

CVE-2022-30459

ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to SQL Injection via /simplechatbot/classes/Master.php?f=deleteresponse, id...

CVE-2022-30464

ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to Cross Site Scripting XSS via /simplechatbot/classes/Master.php?f=saveresponse...

CVE-2022-30518

ChatBot Application with a Suggestion Feature 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /simplechatbot/admin/responses/viewresponse.php...

CVE-2022-47613

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in QuantumCloud AI ChatBot plugin = 4.3.0 versions...

CVE-2021-29267

Sherlock SherlockIM through 2021-03-29 allows Cross Site Scripting XSS by leveraging the api/Files/Attachment URI to attack help-desk staff via the chatbot feature...

CVE-2025-47582

Deserialization of Untrusted Data vulnerability in QuantumCloud WPBot Pro Wordpress Chatbot allows Object Injection.This issue affects WPBot Pro Wordpress Chatbot: from n/a through 12.7.0...

CVE-2025-47582

Deserialization of Untrusted Data vulnerability in QuantumCloud WPBot Pro Wordpress Chatbot allows Object Injection.This issue affects WPBot Pro Wordpress Chatbot: from n/a through 12.7.0...

CVE-2025-47582

Deserialization of Untrusted Data vulnerability in QuantumCloud WPBot Pro Wordpress Chatbot allows Object Injection.This issue affects WPBot Pro Wordpress Chatbot: from n/a through 12.7.0...

CVE-2025-47582

CVE-2025-47582 describes a Deserialization of Untrusted Data vulnerability in the WordPress plugin WPBot Pro WordPress Chatbot (affected: versions n/a through 12.7.0) that allows PHP object injection . The issue, stated across sources, indicates untrusted data deserialization can be exploited to ...

WordPress WPBot Pro Wordpress Chatbot plugin <= 13.6.5 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Plugin WPBot Pro Wordpress Chatbot versions = 13.6.5...

WordPress ChatBot plugin < 6.2.4 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin ChatBot versions 6.2.4...

WordPress plugin WPBot Pro Wordpress Chatbot 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

CVE-2025-0329

The AI ChatBot for WordPress WordPress plugin before 6.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress plugin WPBot Pro Wordpress Chatbot 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2025-0329

The AI ChatBot for WordPress WordPress plugin before 6.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...