29 matches found
EUVD-2026-36981
Unauthenticated Arbitrary File Upload in GeekyBot = 1.2.2 versions...
EUVD-2026-36956
Unauthenticated SQL Injection in GeekyBot = 1.2.0 versions...
CVE-2026-40772
Unauthenticated Arbitrary File Upload in GeekyBot = 1.2.2 versions...
CVE-2026-39519
Unauthenticated SQL Injection in GeekyBot = 1.2.0 versions...
CVE-2026-40772 WordPress GeekyBot plugin <= 1.2.2 - Arbitrary File Upload vulnerability
Unauthenticated Arbitrary File Upload in GeekyBot = 1.2.2 versions...
CVE-2026-40772
CVE-2026-40772 pertains to the WordPress plugin GeekyBot (versions
CVE-2026-39519
CVE-2026-39519 affects the WordPress plugin GeekyBot (versions <= 1.2.0). The vulnerability is an unauthenticated SQL Injection in GeekyBot
CVE-2026-39519 WordPress GeekyBot plugin <= 1.2.0 - SQL Injection vulnerability
Unauthenticated SQL Injection in GeekyBot = 1.2.0 versions...
PT-2026-49416
Name of the Vulnerable Software and Affected Versions GeekyBot versions prior to 1.2.3 Description The WordPress GeekyBot plugin allows unauthenticated users to perform arbitrary file uploads. This flaw enables an attacker to upload malicious files to the server without requiring authentication,...
PT-2026-49395
Unauthenticated SQL Injection in GeekyBot = 1.2.0 versions...
WordPress GeekyBot — AI Copilot, Chatbot, WooCommerce Lead Gen & Zero-Prompt Content plugin <= 1.2.2 - Missing Authorization to Unauthenticated Arbitrary plugin Installation vulnerability
Missing Authorization to Unauthenticated Arbitrary plugin Installation vulnerability discovered by kiemtiendinhau in WordPress Plugin GeekyBot versions = 1.2.2...
WordPress GeekyBot — AI Copilot, Chatbot, WooCommerce Lead Gen & Zero-Prompt Content plugin <= 1.2.0 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by Nguyen Ngoc Duc duc193 in WordPress Plugin GeekyBot versions = 1.2.0...
EUVD-2026-27175
The GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to SQL Injection via the 'attributekey' parameter in versions up to, and including, 1.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparatio...
CVE-2026-3456
The GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to SQL Injection via the 'attributekey' parameter in versions up to, and including, 1.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparatio...
CVE-2026-3456
The CVE concerns the WordPress plugin GeekyBot – Generate AI Content Without Prompt, Chatbot and Lead Generation (versions up to 1.2.0). It is vulnerable to SQL Injection via the attributekey parameter due to insufficient escaping and lack of proper query parameterization, allowing unauthenticate...
CVE-2026-3456 GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation <= 1.2.0 - Unauthenticated SQL Injection via 'attributekey'
The GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to SQL Injection via the 'attributekey' parameter in versions up to, and including, 1.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparatio...
CVE-2026-3456 GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation <= 1.2.0 - Unauthenticated SQL Injection via 'attributekey'
The GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to SQL Injection via the 'attributekey' parameter in versions up to, and including, 1.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparatio...
PT-2026-36963
The GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to SQL Injection via the 'attributekey' parameter in versions up to, and including, 1.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparatio...
WordPress plugin GeekyBot SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
WordPress GeekyBot plugin <= 1.2.2 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin GeekyBot versions = 1.2.2...