CVE-2026-15610
The WPBot – AI ChatBot for WordPress plugin (WordPress WPBot) up to version 8.5.6 is affected by an authorization bypass via the ajax_rag_manual_sync() function. The root cause is improper verification of a user’s authorization, enabling authenticated attackers with subscriber-level access or hig...