CVE-2025-24666 WordPress Hyve Lite plugin <= 1.2.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeisle AI Chatbot for WordPress – Hyve Lite hyve-lite allows Stored XSS.This issue affects AI Chatbot for WordPress – Hyve Lite: from n/a through = 1.2.2...

CVE-2025-24666

CVE-2025-24666 : The WordPress plugin AI Chatbot for WordPress – Hyve Lite contains a cross-site scripting vulnerability due to improper input neutralization during web page generation. Affects Hyve Lite versions from n/a up to and including 1.2.2 (Stored XSS). The CVSSv3.1 base score is 5.9 (Med...

PT-2025-5487 · WordPress · Ai Chatbot For Wordpress – Hyve Lite

Name of the Vulnerable Software and Affected Versions: AI Chatbot for WordPress – Hyve Lite versions 1.2.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks...

Meet GhostGPT: The Malicious AI Chatbot Fueling Cybercrime and Scams

Abnormal Security uncovers GhostGPT, an uncensored AI chatbot built for cybercrime. Learn how it boosts cybercriminals' abilities, makes…...

CVE-2024-12879

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'qcwplatestupdatecheckpro' function in all versions up to, and including, 13.5.5. This makes it possible for authenticated attackers, with...

CVE-2024-12879 WPBot Pro Wordpress Chatbot <= 13.5.5 - Missing Authorization to Authenticated (Subscriber+) Simple Text Response Creation

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'qcwplatestupdatecheckpro' function in all versions up to, and including, 13.5.5. This makes it possible for authenticated attackers, with...

CVE-2024-12879

CVE-2024-12879 concerns WPBot Pro WordPress Chatbot plugin (versions up to and including 13.5.5). The connected sources confirm a missing capability check in the qc_wp_latest_update_check_pro function that permits authenticated users with Subscriber-level access and above to create Simple Text Re...

CVE-2024-12879 WPBot Pro Wordpress Chatbot <= 13.5.5 - Missing Authorization to Authenticated (Subscriber+) Simple Text Response Creation

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'qcwplatestupdatecheckpro' function in all versions up to, and including, 13.5.5. This makes it possible for authenticated attackers, with...

WordPress plugin WPBot Pro Wordpress Chatbot 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin WPBot Pro Wordpress Chatbot 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

CVE-2024-13091

CVE-2024-13091 affects the WPBot Pro WordPress plugin (versions ≤ 13.5.4). The vulnerability stems from missing file-type validation in the qcld_wpcfb_file_upload function, allowing unauthenticated attackers to upload arbitrary files to the server. This could enable remote code execution, especia...

WordPress WPBot Pro Wordpress Chatbot plugin <= 13.5.5 - Missing Authorization to Authenticated (Subscriber+) Simple Text Response Creation vulnerability

Missing Authorization to Authenticated Subscriber+ Simple Text Response Creation vulnerability discovered by BrokenAC ignore in WordPress Plugin WPBot Pro Wordpress Chatbot versions = 13.5.5...

WordPress WPBot Pro Wordpress Chatbot plugin <= 13.5.4 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by István Márton in WordPress Plugin WPBot Pro Wordpress Chatbot versions = 13.5.4...

The vulnerability of the Chatbot component of Oracle Financial Services’ Revenue Management and Billing system allows a hacker to gain unauthorized access to read, add, modify, or delete data.

The vulnerability of the Chatbot component of Oracle Financial Services’ Revenue Management and Billing system is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to read, add, modify, or delete...

CVE-2025-22813

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuantumCloud Conversational Forms for ChatBot conversational-forms allows Stored XSS.This issue affects Conversational Forms for ChatBot: from n/a through = 1.4.2...

CVE-2025-22813

CVE-2025-22813 is a stored XSS in ChatBot Conversational Forms (WordPress plugin) affecting Conversational Forms for ChatBot up to and including 1.4.2. Exploitation requires authentication (Contributor+). The issue is fixed in a patched release; upgrade to the patched version to mitigate. Details...

WordPress plugin Conversational Forms for ChatBot 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2025-4722 · Unknown · Chatbot Conversational Forms

Name of the Vulnerable Software and Affected Versions: Conversational Forms para ChatBot versions 1.4.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Cross-site Scripting XSS. Specifically, it enables Stored XSS. Thi...

WordPress ChatBot Conversational Forms plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin Conversational Forms for ChatBot versions = 1.4.2...

WordPress plugin Chative Live chat and Chatbot 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...