Lucene search
K

3 matches found

Vulnrichment
Vulnrichment
added 2024/07/09 8:33 a.m.13 views

CVE-2024-5992 Cliengo - Chatbot <= 3.0.2 - Missing Authorization to Unauthenticated Chatbot Settings Update

The Cliengo – Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'updatechatbottoken' and 'updatechatbotposition' functions in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to...

6.5CVSS5.9AI score0.00536EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/09 8:33 a.m.20 views

CVE-2024-5992 Cliengo - Chatbot <= 3.0.2 - Missing Authorization to Unauthenticated Chatbot Settings Update

The Cliengo – Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'updatechatbottoken' and 'updatechatbotposition' functions in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to...

6.5CVSS0.00536EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/07/09 12:0 a.m.10 views

WordPress Cliengo – Chatbot Plugin <= 3.0.1 is vulnerable to Broken Access Control

Software Cliengo – Chatbot Type Plugin Vulnerable versions = 3.0.1 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5992 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5df51a028217 Credits Lucio Sá Required privilege...

6.5CVSS6.6AI score0.00536EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder