2 matches found
CVE-2026-15106
The WPBot – AI ChatBot for Live Support WordPress plugin is vulnerable to an authorization bypass in all versions up to 8.5.6. The issue allows unauthenticated attackers to delete arbitrary chat session records from wpbot_user andwpbot_conversation by supplying a crafted userid value, indicating ...
EUVD-2026-44892
The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 8.5.6. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...