3 matches found
CVE-2024-5992 Cliengo - Chatbot <= 3.0.2 - Missing Authorization to Unauthenticated Chatbot Settings Update
The Cliengo – Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'updatechatbottoken' and 'updatechatbotposition' functions in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to...
CVE-2024-5992 Cliengo - Chatbot <= 3.0.2 - Missing Authorization to Unauthenticated Chatbot Settings Update
The Cliengo – Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'updatechatbottoken' and 'updatechatbotposition' functions in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to...
WordPress Cliengo – Chatbot Plugin <= 3.0.1 is vulnerable to Broken Access Control
Software Cliengo – Chatbot Type Plugin Vulnerable versions = 3.0.1 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5992 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5df51a028217 Credits Lucio Sá Required privilege...