3 matches found
WordPress AI Engine: ChatGPT Chatbot Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)
Software AI Engine: ChatGPT Chatbot Type Plugin Vulnerable versions = 2.2.0 Fixed in 2.2.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0378 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c9bd74cd8e71 Credits...
CVE-2024-0378
The AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the AI chat data when discussion tracking is enabled in all versions up to, and including, 2.2.0 due to insufficient input sanitization and output escaping. This...
CVE-2024-0378
CVE-2024-0378 affects the AI Engine plugin for WordPress, specifically versions up to and including 2.2.0. The issue is stored XSS caused by insufficient input sanitization and output escaping in the AI chat data when discussion tracking is enabled. Impact: unauthenticated attackers can inject sc...