3 matches found
CVE-2024-6722
The Chatbot Support AI: Free ChatGPT Chatbot, Woocommerce Chatbot WordPress plugin through 1.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is...
CVE-2024-6722 Chatbot Support AI <= 1.0.2 - Admin+ Stored XSS
The Chatbot Support AI: Free ChatGPT Chatbot, Woocommerce Chatbot WordPress plugin through 1.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is...
WordPress Chatbot Support AI Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)
Software Chatbot Support AI Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6722 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a3c87b3b7064 Credits Kieran Burge Required...