5 matches found
CVE-2023-2811
The AI ChatBot WordPress plugin before 4.5.6 does not sanitise and escape numerous of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks to all admin when setting chatbot and all client when using chatbot...
CVE-2023-2811
The AI ChatBot WordPress plugin before 4.5.6 does not sanitise and escape numerous of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks to all admin when setting chatbot and all client when using chatbot...
CVE-2023-2811 AI ChatBot < 4.5.6 - Admin+ Stored Cross-Site Scripting
The AI ChatBot WordPress plugin before 4.5.6 does not sanitise and escape numerous of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks to all admin when setting chatbot and all client when using chatbot...
CVE-2023-2811
CVE-2023-2811 affects the AI ChatBot WordPress plugin (pre-4.5.6). The issue is due to insufficient sanitisation/escaping of numerous settings, allowing stored cross-site scripting that can impact all admins when configuring the chatbot and all users of the chatbot. The primary root cause is impr...
WordPress ChatBot Plugin < 4.5.6 is vulnerable to Cross Site Scripting (XSS)
Software ChatBot Type Plugin Vulnerable versions 4.5.6 Fixed in 4.5.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2811 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID eb7005b63455 Credits NGO VAN TU Required privilege...