3 matches found
CVE-2023-5534
Summary: CVE-2023-5534 concerns the AI ChatBot WordPress plugin with CSRF due to missing/incorrect nonce validation in certain functions, affecting versions ≤ 4.8.9 and 4.9.2. Unauthenticated attackers can exploit forged requests to trigger actions when a site admin is enticed to click links. Imp...
CVE-2023-5534 AI ChatBot <= 4.8.9 and 4.9.2 - Cross-Site Request Forgery on AJAX actions
The AI ChatBot plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.8.9 and 4.9.2. This is due to missing or incorrect nonce validation on the corresponding functions. This makes it possible for unauthenticated attackers to invoke those functions vi...
CVE-2023-5655
Rejected reason: REJECT DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-5534. Reason: This record is a reservation duplicate of CVE-2023-5534. Notes: All CVE users should reference CVE-2023-5534 instead of this record. All references and descriptions in this record have been removed to prevent...