Lucene search
+L

4 matches found

nvd
nvd
added yesterday6 views

CVE-2026-15610

The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 8.5.6. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS0.00232EPSS
Exploits0References8
cve
cve
added yesterday8 views

CVE-2026-15610

The WPBot – AI ChatBot for WordPress plugin (WordPress WPBot) up to version 8.5.6 is affected by an authorization bypass via the ajax_rag_manual_sync() function. The root cause is improper verification of a user’s authorization, enabling authenticated attackers with subscriber-level access or hig...

4.3CVSS6.1AI score0.00232EPSS
Exploits0References8
cvelist
cvelist
added yesterday12 views

CVE-2026-15610 WPBot <= 8.5.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary RAG Document Re-Sync via ajax_rag_manual_sync() Function

The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 8.5.6. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS0.00232EPSS
Exploits0References8
euvd
euvd
added yesterday5 views

EUVD-2026-44893

The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 8.5.6. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS6.1AI score0.00232EPSS
Exploits0References8
Rows per page
Query Builder