WordPress ChatBot Plugin <= 5.4.5 is vulnerable to PHP Object Injection

Software ChatBot Type Plugin Vulnerable versions = 5.4.5 Fixed in 5.4.6 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-22309 Patch priority High CVSS severity High 8.7 Developer Claim ownership PSID f351099f4f1e Credits Le Ngoc Anh Required privilege Unauthenticated...

A Bloody Pig Mask Is Just Part of a Wild New Criminal Charge Against eBay

Plus: Chinese officials tracked people using AirDrop, Stuxnet mole’s identity revealed, AI chatbot hacking, and more...

CVE-2023-5691

The Chatbot for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in version 2.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject...

CVE-2023-5691

The Chatbot for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in version 2.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject...

CVE-2023-5691

The Chatbot for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in version 2.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject...

CVE-2023-5691

The Chatbot for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in version 2.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject...

CVE-2023-5691

The Chatbot for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in version 2.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject...

CVE-2023-5691

CVE-2023-5691 : The Chatbot for WordPress plugin (collectchat) is affected up to version 2.3.9 and contains stored XSS in admin settings due to insufficient input sanitization and output escaping. Exploitation requires an authenticated user with Administrator privileges, and the vulnerability app...

WordPress Plugin Chatbot for WordPress Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

WordPress AI Engine: ChatGPT Chatbot Plugin <= 1.9.98 is vulnerable to Arbitrary File Upload

Software AI Engine: ChatGPT Chatbot Type Plugin Vulnerable versions = 1.9.98 Fixed in 1.9.99 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-51409 Patch priority High CVSS severity High 10 Developer Claim ownership PSID fdd4a788407b Credits Rafie Muhammad Patchstack...

PT-2024-14117

Name of the Vulnerable Software and Affected Versions AI Engine: ChatGPT Chatbot versions 1.9.98 and earlier Description The issue is related to an Unrestricted Upload of File with Dangerous Type vulnerability in the AI Engine: ChatGPT Chatbot. This vulnerability allows for unauthenticated...

CVE-2023-48741

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in QuantumCloud AI ChatBot.This issue affects AI ChatBot: from n/a through 4.7.8...

CVE-2023-48741

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in QuantumCloud AI ChatBot.This issue affects AI ChatBot: from n/a through 4.7.8...

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in QuantumCloud AI ChatBot.This issue affects AI ChatBot: from n/a through 4.7.8...

CVE-2023-48741 WordPress ChatBot Plugin <= 4.7.8 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in QuantumCloud AI ChatBot.This issue affects AI ChatBot: from n/a through 4.7.8...

CVE-2023-48741

CVE-2023-48741 : SQL Injection in the WordPress AI ChatBot plugin (ChatBot) affecting versions up to 4.7.8. Root cause: improper neutralization of input in the SQL query (orderby parameter) leading to potential data exposure. Impact per sources includes high confidentiality/integrity/availability...

PT-2023-30931 · Unknown · Quantumcloud Chatbot

Name of the Vulnerable Software and Affected Versions: QuantumCloud AI ChatBot versions through 4.7.8 Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as SQL Injection. This allows for potential exploitation of the QuantumCloud...

PT-2023-9830 · Oracle · Oracle Financial Services Revenue Management/Billing

Name of the Vulnerable Software and Affected Versions: Oracle Financial Services Revenue Management and Billing versions 6.0.0.0.0 through 6.1.0.0.0 Description: The issue is related to insufficient input validation in the Chatbot component of Oracle Financial Services Revenue Management and...

Chatbot for WordPress < 2.4.0 - Authenticated (Administrator+) Stored Cross-Site Scripting

Description The Chatbot for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in version 2.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and abov...

WordPress ChatBot Plugin <= 4.7.8 is vulnerable to SQL Injection

Software ChatBot Type Plugin Vulnerable versions = 4.7.8 Fixed in 4.7.9 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-48741 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 1bfb272c13b3 Credits Mika Required privilege Administrator Published 23...