EUVD-2024-51165

Malicious code in bioql PyPI...

CVE-2025-55143

Reflected text injection in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote unauthenticated attacker to inject arbitrary te...

CVE-2024-12879

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'qcwplatestupdatecheckpro' function in all versions up to, and including, 13.5.5. This makes it possible for authenticated attackers, with...

CVE-2024-12879

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'qcwplatestupdatecheckpro' function in all versions up to, and including, 13.5.5. This makes it possible for authenticated attackers, with...

CVE-2024-12879

CVE-2024-12879 concerns WPBot Pro WordPress Chatbot plugin (versions up to and including 13.5.5). The connected sources confirm a missing capability check in the qc_wp_latest_update_check_pro function that permits authenticated users with Subscriber-level access and above to create Simple Text Re...

PT-2025-1975 · WordPress · Wpbot Pro

Name of the Vulnerable Software and Affected Versions: WPBot Pro Wordpress Chatbot plugin for WordPress versions up to, and including, 13.5.5 Description: The issue allows authenticated attackers with Subscriber-level access and above to create Simple Text Responses to chat queries due to a missi...

AI ChatBot < 4.5.5 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. 1. Go to plugin settings under "WPBot Lite Simple Text Responses" 2. Enter the payload Test Query"...