1134 matches found
CVE-2024-54306
Cross-Site Request Forgery CSRF vulnerability in aitool AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot ai-seo-translator allows Cross Site Request Forgery.This issue affects AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot: from n/a through = 1.6.2...
CVE-2023-32581
Missing Authorization vulnerability in MobileMonkey WP-Chatbot for Messenger allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Chatbot for Messenger: from n/a through 4.7...
CVE-2023-32581
Missing Authorization vulnerability in larrykim WP-Chatbot for Messenger wp-chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Chatbot for Messenger: from n/a through = 4.7...
CVE-2024-54306 WordPress AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot plugin <= 1.6.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in KCT AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot allows Cross Site Request Forgery.This issue affects AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot: from n/a through 1.6.2...
CVE-2024-54306 WordPress AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot plugin <= 1.6.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in aitool AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot ai-seo-translator allows Cross Site Request Forgery.This issue affects AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot: from n/a through = 1.6.2...
CVE-2024-54306
CVE-2024-54306 is a CSRF vulnerability in AIKCT Engine Chatbot and related integrations (ChatGPT, Gemini, GPT-4o Best AI Chatbot) affecting versions up to 1.6.2. The issue enables unauthorized state-changing requests from trusted contexts via Cross-Site Request Forgery. The connected Red Hat advi...
CVE-2023-32581
CVE-2023-32581 affects WP-Chatbot for Messenger (WordPress plugin) up to version 4.7, with a Missing Authorization / Broken Access Control vulnerability. Root cause: insufficient access control checks enabling unauthorized actions via the plugin. CVSS v3.1 base score is 5.4 (Medium). Patch: fixed...
CVE-2023-32581 WordPress WP-Chatbot for Messenger plugin <= 4.7 - Broken Access Control
Missing Authorization vulnerability in MobileMonkey WP-Chatbot for Messenger allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Chatbot for Messenger: from n/a through 4.7...
WordPress plugin AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin AIKCT Engine...
WordPress plugin WP-Chatbot for Messenger 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2024-12333 · Unknown · Wp-Chatbot For Messenger
Name of the Vulnerable Software and Affected Versions: WP-Chatbot for Messenger versions through 4.7 Description: The issue involves a Missing Authorization vulnerability, allowing the exploitation of incorrectly configured access control security levels. This is a result of broken access control...
WordPress AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot plugin <= 1.6.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot versions = 1.6.2...
Google’s Gemini AI Chatbot Keeps Telling Users to Die
Google's Gemini AI Chatbot faces backlash after multiple incidents of it telling users to die, raising concerns about…...
WordPress Kognetiks Chatbot for WordPress plugin <= 2.1.8 - Cross-Site Request Forgery to Authenticated (Subscriber+) Assistant Modification vulnerability
Cross-Site Request Forgery to Authenticated Subscriber+ Assistant Modification vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin Kognetiks Chatbot for WordPress versions = 2.1.8...
WordPress Kognetiks Chatbot for WordPress plugin <= 2.1.7 - Missing Authorization to Authenticated (Subscriber+) Assistant Addition vulnerability
Missing Authorization to Authenticated Subscriber+ Assistant Addition vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin Kognetiks Chatbot for WordPress versions = 2.1.7...
WordPress Kognetiks Chatbot for WordPress plugin <= 2.1.7 - Missing Authorization to Authenticated (Subscriber+) Assistant Deletion vulnerability
Missing Authorization to Authenticated Subscriber+ Assistant Deletion vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin Kognetiks Chatbot for WordPress versions = 2.1.7...
CVE-2024-11143
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.8. This is due to missing or incorrect nonce validation on the updateassistant, addnewassistant, and deleteassistant functions. This makes it possible for...
CVE-2024-11143
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.8. This is due to missing or incorrect nonce validation on the updateassistant, addnewassistant, and deleteassistant functions. This makes it possible for...
CVE-2024-10531
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateassistant function in all versions up to, and including, 2.1.7. This makes it possible for authenticated attackers, with subscriber-level acce...
CVE-2024-10684
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dir' parameter in all versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...