86 matches found
CVE-2025-11256
The Kognetiks Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to upload limited safe files and erase conversatio...
EUVD-2025-34984
The Kognetiks Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to upload limited safe files and erase conversatio...
CVE-2025-11256
The Kognetiks Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to upload limited safe files and erase conversatio...
CVE-2025-11256
CVE-2025-11256 refers to the WordPress plugin Kognetiks Chatbot (versions ≤ 2.3.5). The vulnerability arises from a missing capability check in multiple functions, enabling unauthenticated attackers to perform data modification, upload limited safe files, and erase conversations. Wordfence notes ...
CVE-2025-11256 Kognetiks Chatbot <= 2.3.5 - Missing Authorization to Unauthenticated Limited File Uploads and Conversation Erasing
The Kognetiks Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to upload limited safe files and erase conversatio...
WordPress Kognetiks Chatbot plugin <= 2.3.5 - Missing Authorization to Unauthenticated Limited File Uploads and Conversation Erasing vulnerability
Missing Authorization to Unauthenticated Limited File Uploads and Conversation Erasing vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Kognetiks Chatbot for WordPress versions = 2.3.5...
WordPress plugin Kognetiks Chatbot 授权问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin ... An authorization...
EUVD-2024-33675
Malicious code in bioql PyPI...
EUVD-2024-33242
Malicious code in bioql PyPI...
EUVD-2024-33165
Malicious code in bioql PyPI...
EUVD-2024-33166
Malicious code in bioql PyPI...
EUVD-2024-33164
Malicious code in bioql PyPI...
EUVD-2024-35496
Malicious code in bioql PyPI...
CVE-2024-10684
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dir' parameter in all versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2024-10530
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the addnewassistant function in all versions up to, and including, 2.1.7. This makes it possible for authenticated attackers, with subscriber-level acce...
CVE-2024-10531
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateassistant function in all versions up to, and including, 2.1.7. This makes it possible for authenticated attackers, with subscriber-level acce...
CVE-2024-11143
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.8. This is due to missing or incorrect nonce validation on the updateassistant, addnewassistant, and deleteassistant functions. This makes it possible for...
CVE-2024-35738
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kognetiks Kognetiks Chatbot for WordPress allows Stored XSS.This issue affects Kognetiks Chatbot for WordPress: from n/a through 1.9.8...
CVE-2024-10529
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deleteassistant function in all versions up to, and including, 2.1.7. This makes it possible for authenticated attackers, with subscriber-level acce...
CVE-2024-32700
Unrestricted Upload of File with Dangerous Type vulnerability in Kognetiks Kognetiks Chatbot for WordPress.This issue affects Kognetiks Chatbot for WordPress: from n/a through 2.0.0...