2 matches found
CVE-2024-4560 Kognetiks Chatbot for WordPress <= 1.9.9 - Unauthenticated Arbitrary File Upload via chatbot_chatgpt_upload_file_to_assistant Function
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the chatbotchatgptuploadfiletoassistant function in all versions up to, and including, 1.9.9. This makes it possible for unauthenticated attackers, with to uploa...
CVE-2024-4560 Kognetiks Chatbot for WordPress <= 1.9.9 - Unauthenticated Arbitrary File Upload via chatbot_chatgpt_upload_file_to_assistant Function
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the chatbotchatgptuploadfiletoassistant function in all versions up to, and including, 1.9.9. This makes it possible for unauthenticated attackers, with to uploa...