LLMs and Phishing

Heres an experiment being run by undergraduate computer science students everywhere: Ask ChatGPT to generate phishing emails, and test whether these are better at persuading victims to respond or click on the link than the usual spam. Its an interesting experiment, and the results are likely to...

CVE-2023-23981

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in QuantumCloud Conversational Forms for ChatBot plugin = 1.1.6 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in QuantumCloud Conversational Forms for ChatBot plugin = 1.1.6 versions...

CVE-2023-23981

CVE-2023-23981 affects the WordPress plugin Conversational Forms for ChatBot (versions

CVE-2023-23981 WordPress Conversational Forms for ChatBot Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in QuantumCloud Conversational Forms for ChatBot plugin = 1.1.6 versions...

WordPress plugin Conversational Forms for ChatBot 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

WordPress ChatBot Plugin <= 4.4.7 is vulnerable to Broken Access Control

Software ChatBot Type Plugin Vulnerable versions = 4.4.7 Fixed in 4.4.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID 306f61075427 Credits Unknown Required privilege Subscriber...

CVE-2022-47613

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in QuantumCloud AI ChatBot plugin = 4.3.0 versions...

CVE-2022-47613

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in QuantumCloud AI ChatBot plugin = 4.3.0 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in QuantumCloud AI ChatBot plugin = 4.3.0 versions...

CVE-2022-47613 WordPress AI ChatBot Plugin <= 4.3.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in QuantumCloud AI ChatBot plugin = 4.3.0 versions...

CVE-2022-47613

CVE-2022-47613 affects the WordPress AI ChatBot/ChatBot plugin up to version 4.3.0. The vulnerability is a stored XSS that requires admin+ privileges to exploit. Multiple connected sources (Patchstack and WP vuln entries) indicate the issue arises from insufficient input sanitization in the chatb...

CVE-2022-47613 WordPress AI ChatBot Plugin <= 4.3.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in QuantumCloud AI ChatBot plugin = 4.3.0 versions...

PT-2023-15436 · Unknown · Quantumcloud Ai Chatbot Plugin

Name of the Vulnerable Software and Affected Versions: QuantumCloud AI ChatBot plugin versions prior to 4.3.0 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For versions prior to 4.3.0,...

WordPress Plugin AI ChatBot 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

Prompt engineering and jailbreaking: Europol warns of ChatGPT exploitation

By Habiba Rashid The concern arises from the growing number of cybercriminals attempting to exploit the AI-based chatbot for developing malware and other malicious tools. This is a post from HackRead.com Read the original post: Prompt engineering and jailbreaking: Europol warns of ChatGPT...

Bogus Chat GPT extension takes over Facebook accounts

If youre particularly intrigued by the current wave of interest in AI, take care. Theres some bad things lurking in search engine results waiting to compromise your Facebook account. A rogue Chrome extension deployed in a campaign targeting Facebook users is "hitting thousands a day" according to...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +80 more potentially affected by CVE-2023-25676 via tensorflow-gpu (>=1.10.1 <=2.0.4)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =1.0.0, =0.0.1, =0.0.2, =0.6.7, =0.1.2, =0.1.0, =0.1.2 - dragonn =0.4.2 and more Source cves: CVE-2023-25676 Source advisory: OSV:GHSA-6WFH-89Q8-44JQ...

"Just awful" experiment points suicidal teens at chatbot

After getting in hot water for using an AI chatbot to provide mental health counseling, non-profit startup Koko has now been criticized for experimenting with young adults at risk of harming themselves. Worse, the young adults were unaware they were test subjects. Motherboard reports the experime...

CVE-2023-24415

Cross-Site Request Forgery CSRF vulnerability in QuantumCloud AI ChatBot plugin = 4.2.8 versions...