Lucene search
K

86 matches found

RedhatCVE
RedhatCVE
added 2025/10/19 7:43 a.m.8 views

CVE-2025-11256

The Kognetiks Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to upload limited safe files and erase conversatio...

5.3CVSS5.5AI score0.00345EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/18 9:30 a.m.6 views

EUVD-2025-34984

The Kognetiks Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to upload limited safe files and erase conversatio...

5.3CVSS5AI score0.00345EPSS
Exploits0References4
NVD
NVD
added 2025/10/18 8:15 a.m.5 views

CVE-2025-11256

The Kognetiks Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to upload limited safe files and erase conversatio...

5.3CVSS0.00345EPSS
Exploits0References3
CVE
CVE
added 2025/10/18 7:26 a.m.17 views

CVE-2025-11256

CVE-2025-11256 refers to the WordPress plugin Kognetiks Chatbot (versions ≤ 2.3.5). The vulnerability arises from a missing capability check in multiple functions, enabling unauthenticated attackers to perform data modification, upload limited safe files, and erase conversations. Wordfence notes ...

5.3CVSS5.1AI score0.00345EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/18 7:26 a.m.2 views

CVE-2025-11256 Kognetiks Chatbot <= 2.3.5 - Missing Authorization to Unauthenticated Limited File Uploads and Conversation Erasing

The Kognetiks Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to upload limited safe files and erase conversatio...

5.3CVSS5AI score0.00345EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/10/18 1:23 a.m.11 views

WordPress Kognetiks Chatbot plugin <= 2.3.5 - Missing Authorization to Unauthenticated Limited File Uploads and Conversation Erasing vulnerability

Missing Authorization to Unauthenticated Limited File Uploads and Conversation Erasing vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Kognetiks Chatbot for WordPress versions = 2.3.5...

5.3CVSS6.9AI score0.00345EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/10/18 12:0 a.m.4 views

WordPress plugin Kognetiks Chatbot 授权问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin ... An authorization...

5.3CVSS6.7AI score0.00345EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-33675

Malicious code in bioql PyPI...

4.3CVSS8.7AI score0.00243EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-33242

Malicious code in bioql PyPI...

6.1CVSS8.7AI score0.00376EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2024-33165

Malicious code in bioql PyPI...

4.3CVSS8.7AI score0.00438EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-33166

Malicious code in bioql PyPI...

5.3CVSS8.7AI score0.00526EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-33164

Malicious code in bioql PyPI...

5.3CVSS8.7AI score0.00527EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-35496

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:20 a.m.3 views

CVE-2024-10684

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dir' parameter in all versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS5.6AI score0.00376EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:19 a.m.4 views

CVE-2024-10530

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the addnewassistant function in all versions up to, and including, 2.1.7. This makes it possible for authenticated attackers, with subscriber-level acce...

4.3CVSS5AI score0.00438EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:18 a.m.6 views

CVE-2024-10531

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateassistant function in all versions up to, and including, 2.1.7. This makes it possible for authenticated attackers, with subscriber-level acce...

5.3CVSS6.4AI score0.00526EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:51 a.m.7 views

CVE-2024-11143

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.8. This is due to missing or incorrect nonce validation on the updateassistant, addnewassistant, and deleteassistant functions. This makes it possible for...

4.3CVSS6.3AI score0.00243EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:12 a.m.7 views

CVE-2024-35738

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kognetiks Kognetiks Chatbot for WordPress allows Stored XSS.This issue affects Kognetiks Chatbot for WordPress: from n/a through 1.9.8...

6.5CVSS6.8AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:31 a.m.25 views

CVE-2024-10529

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deleteassistant function in all versions up to, and including, 2.1.7. This makes it possible for authenticated attackers, with subscriber-level acce...

5.3CVSS6.4AI score0.00527EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:56 a.m.4 views

CVE-2024-32700

Unrestricted Upload of File with Dangerous Type vulnerability in Kognetiks Kognetiks Chatbot for WordPress.This issue affects Kognetiks Chatbot for WordPress: from n/a through 2.0.0...

10CVSS7AI score0.02585EPSS
Exploits0References1
Rows per page
Query Builder