Lucene search
+L

7 matches found

cve
cve
added 11 hours ago7 views

CVE-2026-13005

The CVE concerns the MxChat – AI Chatbot & Content Generation for WordPress plugin for WordPress. Affected: all versions up to 3.2.10. Vulnerability: Stored Cross-Site Scripting via the intro_message admin setting due to insufficient input sanitization and output escaping. Privileged context: aut...

4.4CVSS6.2AI score
Exploits0References6
euvd
euvd
added 11 hours ago3 views

EUVD-2026-44854

The MxChat – AI Chatbot & Content Generation for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.2.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

4.4CVSS6.2AI score
Exploits0References6
redhatcve
redhatcve
added 2025/12/04 4:15 a.m.6 views

CVE-2025-12585

The MxChat – AI Chatbot for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.5 via upload filenames. This makes it possible for unauthenticated attackers to extract session values that can subsequently be used to access...

5.3CVSS6.1AI score0.00284EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/12/03 3:27 a.m.3 views

CVE-2025-12585 MxChat – AI Chatbot for WordPress <= 2.5.5 - Unauthenticated Information Exposure

The MxChat – AI Chatbot for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.5 via upload filenames. This makes it possible for unauthenticated attackers to extract session values that can subsequently be used to access...

5.3CVSS5.7AI score0.00284EPSS
Exploits0References5
cvelist
cvelist
added 2025/12/03 3:27 a.m.19 views

CVE-2025-12585 MxChat – AI Chatbot for WordPress <= 2.5.5 - Unauthenticated Information Exposure

The MxChat – AI Chatbot for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.5 via upload filenames. This makes it possible for unauthenticated attackers to extract session values that can subsequently be used to access...

5.3CVSS0.00284EPSS
Exploits0References5
cve
cve
added 2025/12/03 3:27 a.m.26 views

CVE-2025-12585

The CVE-2025-12585 entry concerns the WordPress plugin MxChat – AI Chatbot (WordPress plugin). Affected software: MxChat plugin for WordPress, versions up to and including 2.5.5. Vulnerability type: Sensitive Information Exposure. Root cause: inadequate protection of sensitive data via upload fil...

5.3CVSS5.7AI score0.00284EPSS
Exploits0References6
euvd
euvd
added 2025/12/03 3:27 a.m.7 views

EUVD-2025-200727

The MxChat – AI Chatbot for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.5 via upload filenames. This makes it possible for unauthenticated attackers to extract session values that can subsequently be used to access...

5.3CVSS5.6AI score0.00284EPSS
Exploits0References4
Rows per page
Query Builder