WordPress ChatBot Plugin <= 4.8.9 is vulnerable to Path Traversal

Software ChatBot Type Plugin Vulnerable versions = 4.8.9 Fixed in 4.9.1 OWASP Top 10 A3: Injection Classification Path Traversal CVE CVE-2023-5241 Patch priority High CVSS severity High 9.6 Developer Claim ownership PSID 066f9b5875d8 Credits Marco Wotschka Required privilege Subscriber Published ...

CVE-2023-44993

Cross-Site Request Forgery CSRF vulnerability in QuantumCloud AI ChatBot plugin = 4.7.8 versions...

CVE-2023-44993

Cross-Site Request Forgery CSRF vulnerability in QuantumCloud AI ChatBot plugin = 4.7.8 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in QuantumCloud AI ChatBot plugin = 4.7.8 versions...

CVE-2023-44993 WordPress ChatBot Plugin <= 4.7.8 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in QuantumCloud AI ChatBot plugin = 4.7.8 versions...

CVE-2023-44993 WordPress ChatBot Plugin <= 4.7.8 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in QuantumCloud AI ChatBot plugin = 4.7.8 versions...

CVE-2023-44993

The CVE-2023-44993 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in the QuantumCloud AI ChatBot WordPress plugin, affecting versions ≤ 4.7.8. The root cause is CSRF in the plugin’s request handling, with PatchStack noting the fix shipped in version 4.7.9 and indicating the iss...

WordPress Plugin AI ChatBot Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

PT-2023-29336 · Unknown · Quantumcloud Ai Chatbot Plugin

Name of the Vulnerable Software and Affected Versions: QuantumCloud AI ChatBot plugin versions = 4.7.8 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application...

WordPress ChatBot Plugin <= 4.7.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software ChatBot Type Plugin Vulnerable versions = 4.7.8 Fixed in 4.7.9 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-44993 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 595f79a2846b Credits Mika Required privilege...

How to Stop Google Bard From Storing Your Data and Location

Checking out this AI chatbot's new features? Make sure to keep these privacy tips in mind during your interactions...

Malicious Ads Infiltrate Bing AI Chatbot in Malvertising Attack

By Waqas Is it really necessary to display advertisements within an AI chatbot? This is a post from HackRead.com Read the original post: Malicious Ads Infiltrate Bing AI Chatbot in Malvertising Attack...

Google’s Bard conversations turn up in search results

Google is coming under scrutiny after people discovered transcripts of conversations with its AI chatbot Bard are being indexed in Google search results. Bard is Googles answer to ChatGPT, and allows users to have conversations with an AI. Services like these have attracted a lot of attention,...

ChatGPT Update Enables Chatbot to “See, Hear and Speak” with Users

By Deeba Ahmed The upgrade rolls out today, only for the subscription-based version of ChatGPT. This is a post from HackRead.com Read the original post: ChatGPT Update Enables Chatbot to "See, Hear and Speak" with Users...

Malicious code in bbc-iplayer-sounds-chatbot (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2d586de5a3bb31f4049fd207aa2c3ffc23d175a74c56bc0a75c52fd116f5291a The OpenSSF Package Analysis project identified 'bbc-iplayer-sounds-chatbot' @ 5.2.3 npm as malicious. It is considered malicious because: - The...

AnythingLLM SQL Injection Vulnerability

AnythingLLM is a document chatbot that meets business requirements. AnythingLLM versions prior to 0.0.1 suffer from a SQL injection vulnerability that stems from susceptibility to SQL injection attacks...

Malicious code in chatbot-community (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0efbc44ac9dca194b96671df266fbb4f449c8641dbd574942431ab11e983f471 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8060 Malicious code in chatbot-community (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0efbc44ac9dca194b96671df266fbb4f449c8641dbd574942431ab11e983f471 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-4254

The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-4253 Chatbot < 4.7.8 - Admin+ Stored XSS in FAQ Builder

The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...