3 matches found
CVE-2024-6669
The AI ChatBot for WordPress – WPBot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-6669
The CVE CVE-2024-6669 affects the WPBot WordPress plugin (AI ChatBot for WordPress) up to version 5.5.7, enabling Stored Cross-Site Scripting via admin settings and requiring administrator+ privileges. Impact is limited to multisite setups or where unfiltered_html is disabled; a fix exists in ver...
WordPress ChatBot Plugin <= 5.5.7 is vulnerable to Cross Site Scripting (XSS)
Software ChatBot Type Plugin Vulnerable versions = 5.5.7 Fixed in 5.5.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6669 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f3c4f285392a Credits Artem Polynko Artem Polynko...