4 matches found
CVE-2023-3175
The AI ChatBot WordPress plugin before 4.6.1 does not adequately escape some settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2023-3175
The AI ChatBot WordPress plugin before 4.6.1 does not adequately escape some settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2023-3175 AI ChatBot < 4.6.1 - Admin+ Stored Cross-Site Scripting
The AI ChatBot WordPress plugin before 4.6.1 does not adequately escape some settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2023-3175
The CVE-2023-3175 entry is supported by multiple connected documents describing a stored Cross-Site Scripting vulnerability in the AI ChatBot WordPress plugin prior to version 4.6.1. The issue arises because certain settings are not adequately escaped, allowing high-privilege users (e.g., admins)...