
1134 matches found

Positive Technologies
added 2024/08/18 12:0 a.m. · 4 views

PT-2024-37898 · WordPress · Chatbot With Chatgpt

Name of the Vulnerable Software and Affected Versions: The Chatbot with ChatGPT WordPress plugin versions prior to 2.4.5 Description: The issue concerns the lack of sanitization and escaping of user inputs, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks...

6.1 CVSS · 5.9 AI score · 0.00386 EPSS
Exploits 1 · References 9
Malwarebytes
added 2024/08/14 12:56 p.m. · 6 views

X accused of unlawfully using personal data of 60 million+ users to train its AI

In what may come as a surprise to nobody at all, there's been yet another complaint about using social media data to train Artificial Intelligence (AI). This time the complaint is against X (formerly Twitter) and Grok, the conversational AI chatbot developed by Elon Musk's company xAI. Grok is a large...

7 AI score
Exploits 0
NVD
added 2024/08/05 6:16 a.m. · 17 views

CVE-2024-6498

The Chatbot for WordPress by Collect.chat ⚡️ WordPress plugin before 2.4.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed...

4.8 CVSS · 0.00313 EPSS
Exploits 1 · References 1
CVE
added 2024/08/05 6:0 a.m. · 22 views

CVE-2024-6498

CVE-2024-6498 affects the WordPress plugin Chatbot for WordPress by Collect.chat (versions

4.8 CVSS · 5.7 AI score · 0.00313 EPSS
Exploits 1 · References 1 · Affected Software 1
CNNVD
added 2024/08/05 12:0 a.m. · 3 views

WordPress plugin Chatbot for WordPress security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

4.8 CVSS · 6.7 AI score · 0.00313 EPSS
Exploits 1 · References 2
OSV
added 2024/08/01 9:15 p.m. · 2 views

CVE-2024-38791

Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot allows Server Side Request Forgery. This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.4.7...

7.1 CVSS · 5.8 AI score · 0.00224 EPSS
Exploits 0 · References 1
NVD
added 2024/08/01 9:15 p.m. · 25 views

CVE-2024-38791

Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot allows Server Side Request Forgery. This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.4.7...

7.1 CVSS · 0.00224 EPSS
Exploits 0 · References 1
Vulnrichment
added 2024/08/01 8:46 p.m. · 15 views

CVE-2024-38791 WordPress AI ENGINE plugin <= 2.4.7 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot allows Server Side Request Forgery. This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.4.7...

4.9 CVSS · 7 AI score · 0.00224 EPSS
Exploits 0 · References 1
CNNVD
added 2024/08/01 12:0 a.m. · 3 views

WordPress plugin AI Engine: ChatGPT Chatbot code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress plugin AI Engine: ChatGPT A code...

7.1 CVSS · 6.7 AI score · 0.00224 EPSS
Exploits 0 · References 2
OSSF Malicious Packages
added 2024/07/28 1:34 p.m. · 4 views

Malicious code in noc-chatbot (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 404db7a5f4f99325b3d619a50290cc88ef3bdd8cc789301a4d3c54c655a20418 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8 AI score
Exploits 0 · References 1
OSV
added 2024/07/28 1:34 p.m. · 5 views

MAL-2024-7833 Malicious code in noc-chatbot (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 404db7a5f4f99325b3d619a50290cc88ef3bdd8cc789301a4d3c54c655a20418 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits 0 · References 1
Packet Storm
added 2024/07/25 12:0 a.m. · 272 views

ChatBot Application With A Suggestion Feature 1.0 Insecure Settings

Title: ChatBot Application with a Suggestion Feature v1.0 Insecure Settings Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser :...

7.4 AI score
Exploits 0
Vulnrichment
added 2024/07/17 6:45 a.m. · 17 views

CVE-2024-6669 AI ChatBot for WordPress – WPBot <= 5.5.7 - Authenticated (Administrator+) Stored Cross-Site Scripting

The AI ChatBot for WordPress – WPBot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.5 CVSS · 5.8 AI score · 0.00309 EPSS
Exploits 0 · References 5
Patchstack
added 2024/07/17 12:0 a.m. · 12 views

WordPress ChatBot Plugin <= 5.5.7 is vulnerable to Cross Site Scripting (XSS)

Software ChatBot Type Plugin Vulnerable versions = 5.5.7 Fixed in 5.5.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6669 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f3c4f285392a Credits Artem Polynko Artem Polynko...

5.5 CVSS · 5.8 AI score · 0.00309 EPSS
Exploits 0 · References 3 · Affected Software 1
CVE
added 2024/07/16 10:40 p.m. · 75 views

CVE-2024-21188

CVE-2024-21188 affects Oracle Financial Services Revenue Management and Billing (Chatbot) with affected versions 6.0.0.0.0–6.1.0.0.0. The issue arises from insufficient input validation in the Chatbot component, enabling a remote attacker to modify or read data via HTTP, with attacks requiring us...

6.1 CVSS · 5.8 AI score · 0.00249 EPSS
Exploits 0 · References 1 · Affected Software 1
NVD
added 2024/07/09 9:15 a.m. · 24 views

CVE-2024-5993

The Cliengo – Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'updatesession' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, ...

5.4 CVSS · 0.00465 EPSS
Exploits 0 · References 3
NVD
added 2024/07/09 9:15 a.m. · 18 views

CVE-2024-5992

The Cliengo – Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'update_chatbot_token' and 'update_chatbot_position' functions in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to...

6.5 CVSS · 0.00536 EPSS
Exploits 0 · References 4
CVE
added 2024/07/09 8:33 a.m. · 42 views

CVE-2024-5992

CVE-2024-5992 - Cliengo for WordPress : The Cliengo – Chatbot plugin is vulnerable to unauthorized modification of data due to a missing capability check on update_chatbot_token and update_chatbot_position in all versions up to 3.0.1. This allows unauthenticated attackers to change chatbot settin...

6.5 CVSS · 5.9 AI score · 0.00536 EPSS
Exploits 0 · References 4
Cvelist
added 2024/07/09 8:33 a.m. · 18 views

CVE-2024-5992 Cliengo - Chatbot <= 3.0.2 - Missing Authorization to Unauthenticated Chatbot Settings Update

The Cliengo – Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'update_chatbot_token' and 'update_chatbot_position' functions in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to...

6.5 CVSS · 0.00536 EPSS
Exploits 0 · References 2
Cvelist
added 2024/07/09 8:33 a.m. · 20 views

CVE-2024-5993 Cliengo - Chatbot <= 3.0.2 - Missing Authorization to Authorized (Subscriber+) Chatbot Settings Update

The Cliengo – Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'updatesession' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, ...

5.4 CVSS · 0.00465 EPSS
Exploits 0 · References 2