WordPress plugin Kognetiks Chatbot 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Kognetiks Chatbot 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

WordPress plugin Kognetiks Chatbot 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Kognetiks Chatbot for WordPress Plugin <= 2.1.7 is vulnerable to Broken Access Control

Software Kognetiks Chatbot for WordPress Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10529 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID e735c38414b8 Credits Tieu Pham Tro...

WordPress Kognetiks Chatbot for WordPress Plugin <= 2.1.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software Kognetiks Chatbot for WordPress Type Plugin Vulnerable versions = 2.1.8 Fixed in 2.1.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-11143 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID d37ea7308959 Credits Tie...

WordPress Kognetiks Chatbot for WordPress Plugin <= 2.1.7 is vulnerable to Broken Access Control

Software Kognetiks Chatbot for WordPress Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10530 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 918318d433d6 Credits Tieu Pham Tro...

WordPress Kognetiks Chatbot for WordPress plugin <= 2.1.7 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Le Ngoc Anh in WordPress Plugin Kognetiks Chatbot for WordPress versions = 2.1.7...

WordPress Kognetiks Chatbot for WordPress plugin <= 2.1.7 - Missing Authorization to Authenticated (Subscriber+) Assistant Update vulnerability

Missing Authorization to Authenticated Subscriber+ Assistant Update vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin Kognetiks Chatbot for WordPress versions = 2.1.7...

PT-2024-16345 · Kognetiks · Kognetiks Chatbot For Wordpress

Name of the Vulnerable Software and Affected Versions: Kognetiks Chatbot for WordPress plugin versions up to, and including, 2.1.7 Description: The Kognetiks Chatbot for WordPress plugin is vulnerable to unauthorized modification of data due to a missing capability check on the delete assistant...

WordPress Kognetiks Chatbot for WordPress Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS)

Software Kognetiks Chatbot for WordPress Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10684 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e89537076c29 Credits L...

PT-2024-16348 · WordPress · Kognetiks Chatbot

Name of the Vulnerable Software and Affected Versions: Kognetiks Chatbot for WordPress plugin for WordPress versions up to, and including, 2.1.7 Description: The issue is related to unauthorized modification of data due to a missing capability check on the update assistant function. This allows...

WordPress Kognetiks Chatbot for WordPress Plugin <= 2.1.7 is vulnerable to Broken Access Control

Software Kognetiks Chatbot for WordPress Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10531 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 6a39d8077c55 Credits Tieu Pham Tro...

CVE-2024-48396

AIML Chatbot 1.0 fixed in 2.0 is vulnerable to Cross Site Scripting XSS. The vulnerability is exploited through the message input field, where attackers can inject malicious HTML or JavaScript code. The chatbot fails to sanitize these inputs, leading to the execution of malicious scripts...

CVE-2024-48396

CVE-2024-48396 affects AIML Chatbot 1.0 (fixed in 2.0). The issue is a Cross Site Scripting (XSS) vulnerability introduced by insufficient sanitization of inputs in the message field, allowing execution of injected HTML/JavaScript. Red Hat and other sources corroborate the XSS flaw and indicate v...

Chatbot 安全漏洞

Chatbot is an artificial intelligence based chatbot by Sohel Amin Personal Developer. A security vulnerability exists in Chatbot version 1.0, which stems from vulnerability to cross-site scripting attacks, where an attacker can inject malicious HTML or JavaScript code, and the chatbot is unable t...

CVE-2024-48396

AIML Chatbot 1.0 fixed in 2.0 is vulnerable to Cross Site Scripting XSS. The vulnerability is exploited through the message input field, where attackers can inject malicious HTML or JavaScript code. The chatbot fails to sanitize these inputs, leading to the execution of malicious scripts...

CVE-2024-48396

AIML Chatbot 1.0 fixed in 2.0 is vulnerable to Cross Site Scripting XSS. The vulnerability is exploited through the message input field, where attackers can inject malicious HTML or JavaScript code. The chatbot fails to sanitize these inputs, leading to the execution of malicious scripts...

THN Cybersecurity Recap: Top Threats, Tools and Trends (Oct 7 - Oct 13)

Hey there, it's your weekly dose of "what the heck is going on in cybersecurity land " – and trust me, you NEED to be in the loop this time. We've got everything from zero-day exploits and AI gone rogue to the FBI playing crypto kingpin – it's full of stuff they don't 🤫 want you to know. So let's...

WordPress AI Chatbot with ChatGPT by AYS plugin <= 2.0.9 - Unauthenticated OpenAI Key Disclosure vulnerability

Unauthenticated OpenAI Key Disclosure vulnerability discovered by Kieran Burge in WordPress Plugin AI ChatBot with ChatGPT and Content Generator by AYS versions = 2.0.9...

CVE-2024-7714

The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks sufficient access controls allowing an unauthenticated user to disconnect the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 from OpenAI, thereby disabling the AI ChatB...