NVIDIA ChatRTX 安全漏洞

NVIDIA ChatRTX is a content personalization chatbot from NVIDIA Corporation. A security vulnerability exists in NVIDIA ChatRTX that stems from sensitive information being transmitted in clear text...

WordPress plugin Kognetiks Chatbot for WordPress 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

CVE-2024-34440 WordPress AI Engine plugin <= 2.2.63 - Auth. Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.2.63...

CVE-2024-34440 WordPress AI Engine plugin <= 2.2.63 - Auth. Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.2.63...

CVE-2024-32700 WordPress Kognetiks Chatbot for WordPress plugin <= 2.0.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Kognetiks Kognetiks Chatbot for WordPress.This issue affects Kognetiks Chatbot for WordPress: from n/a through 2.0.0...

CVE-2024-32700

CVE-2024-32700 – Kognetiks Chatbot for WordPress Unrestricted Upload of File with Dangerous Type in the Kognetiks Chatbot for WordPress plugin affects versions up to 2.0.0 and is unauthenticated. Documented by NVD/Red Hat and Wordfence as a critical issue: allows arbitrary file upload (dangerous ...

CVE-2024-32700 WordPress Kognetiks Chatbot for WordPress plugin <= 2.0.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Kognetiks Kognetiks Chatbot for WordPress.This issue affects Kognetiks Chatbot for WordPress: from n/a through 2.0.0...

WordPress Kognetiks Chatbot for WordPress plugin <= 2.0.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Kognetiks Chatbot for WordPress versions = 2.0.0...

WordPress Kognetiks Chatbot for WordPress Plugin <= 2.0.0 is vulnerable to Arbitrary File Upload

Software Kognetiks Chatbot for WordPress Type Plugin Vulnerable versions = 2.0.0 Fixed in 2.0.1 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-32700 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 4fb22828865e Credits LVT-tholv2k Required...

PT-2024-25894 · Unknown · Jordy Meow Ai Engine +1

Name of the Vulnerable Software and Affected Versions: Jordy Meow AI Engine: ChatGPT Chatbot versions n/a through 2.2.63 Description: The issue is related to an Unrestricted Upload of File with Dangerous Type, which affects the AI Engine: ChatGPT Chatbot. Recommendations: For versions n/a through...

PT-2024-24787 · Kognetiks · Kognetiks Chatbot For Wordpress

Name of the Vulnerable Software and Affected Versions: Kognetiks Chatbot for WordPress versions n/a through 2.0.0 Description: The issue is related to an Unrestricted Upload of File with Dangerous Type, which affects the Kognetiks Chatbot for WordPress. This allows for the upload of files with...

CVE-2024-4560

CVE-2024-4560 affects the Kognetiks Chatbot for WordPress plugin. It reveals unauthenticated arbitrary file upload via chatbot_chatgpt_upload_file_to_assistant, in all versions up to 1.9.9, due to missing file-type validation. This could lead to remote code execution on the affected site. A patch...

CVE-2024-4560 Kognetiks Chatbot for WordPress <= 1.9.9 - Unauthenticated Arbitrary File Upload via chatbot_chatgpt_upload_file_to_assistant Function

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the chatbotchatgptuploadfiletoassistant function in all versions up to, and including, 1.9.9. This makes it possible for unauthenticated attackers, with to uploa...

CVE-2024-4560 Kognetiks Chatbot for WordPress <= 1.9.9 - Unauthenticated Arbitrary File Upload via chatbot_chatgpt_upload_file_to_assistant Function

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the chatbotchatgptuploadfiletoassistant function in all versions up to, and including, 1.9.9. This makes it possible for unauthenticated attackers, with to uploa...

PT-2024-31701 · WordPress · Kognetiks Chatbot

Name of the Vulnerable Software and Affected Versions: Kognetiks Chatbot for WordPress plugin versions up to, and including, 1.9.9 Description: The issue is related to arbitrary file uploads due to missing file type validation in the chatbot chatgpt upload file to assistant function. This allows...

CVE-2024-32964 lobe-chat `/api/proxy` endpoint Server-Side Request Forgery vulnerability

Lobe Chat is a chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Prior to 0.150.6, lobe-chat had an unauthorized Server-Side Request Forgery vulnerability in the /api/proxy endpoint. An attacker can construct malicious requests to cause...

Kognetiks Chatbot for WordPress < 2.0.0 - Unauthenticated Arbitrary File Upload via chatbot_chatgpt_upload_file_to_assistant Function

Description The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the chatbotchatgptuploadfiletoassistant function in all versions up to, and including, 1.9.9. This makes it possible for unauthenticated attackers,...

CVE-2024-34380

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuantumCloud Conversational Forms for ChatBot allows Stored XSS.This issue affects Conversational Forms for ChatBot: from n/a through 1.2.0...

CVE-2024-34380 WordPress ChatBot Conversational Forms plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuantumCloud Conversational Forms for ChatBot allows Stored XSS.This issue affects Conversational Forms for ChatBot: from n/a through 1.2.0...

CVE-2024-34380 WordPress ChatBot Conversational Forms plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuantumCloud Conversational Forms for ChatBot allows Stored XSS.This issue affects Conversational Forms for ChatBot: from n/a through 1.2.0...