CVE-2026-32499

CVE-2026-32499 is an unauthenticated SQL injection in the WordPress WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin (WPBot) up to version 7.7.9. Root cause is improper neutralization of input in the plugin’s SQL queries, allowing blind SQL injection. Public details in con...

CVE-2026-32499 WordPress ChatBot plugin <= 7.7.9 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in QuantumCloud ChatBot chatbot allows Blind SQL Injection.This issue affects ChatBot: from n/a through = 7.7.9...

CVE-2025-64277 WordPress ChatBot plugin <= 7.3.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through = 7.3.9...

CVE-2025-62952 WordPress ChatBot plugin <= 7.7.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through = 7.7.3...

EUVD-2024-51332

Malicious code in bioql PyPI...

EUVD-2025-28098

Malicious code in bioql PyPI...

EUVD-2024-51165

Malicious code in bioql PyPI...

PT-2025-36577

Name of the Vulnerable Software and Affected Versions: AI ChatBot for WordPress plugin versions prior to 7.1.0 Description: The AI ChatBot for WordPress plugin does not sanitise and escape some of its settings. This could allow high-privilege users, such as administrators, to perform Stored...

WordPress ChatBot plugin <= 6.7.3 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by zaim in WordPress Plugin ChatBot versions = 6.7.3...

CVE-2025-53200 WordPress ChatBot plugin <= 6.7.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through = 6.7.3...

CVE-2023-5606

The ChatBot for WordPress is vulnerable to Stored Cross-Site Scripting via the FAQ Builder in versions 4.8.6 through 4.9.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject...

CVE-2025-47582

Deserialization of Untrusted Data vulnerability in QuantumCloud WPBot Pro Wordpress Chatbot allows Object Injection.This issue affects WPBot Pro Wordpress Chatbot: from n/a through 12.7.0...

CVE-2025-47582

Deserialization of Untrusted Data vulnerability in QuantumCloud WPBot Pro Wordpress Chatbot allows Object Injection.This issue affects WPBot Pro Wordpress Chatbot: from n/a through 12.7.0...

CVE-2025-47582

Deserialization of Untrusted Data vulnerability in QuantumCloud WPBot Pro Wordpress Chatbot allows Object Injection.This issue affects WPBot Pro Wordpress Chatbot: from n/a through 12.7.0...

CVE-2025-47582

CVE-2025-47582 describes a Deserialization of Untrusted Data vulnerability in the WordPress plugin WPBot Pro WordPress Chatbot (affected: versions n/a through 12.7.0) that allows PHP object injection . The issue, stated across sources, indicates untrusted data deserialization can be exploited to ...

WordPress WPBot Pro Wordpress Chatbot plugin <= 13.6.5 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Plugin WPBot Pro Wordpress Chatbot versions = 13.6.5...

WordPress ChatBot plugin < 6.2.4 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin ChatBot versions 6.2.4...

WordPress plugin WPBot Pro Wordpress Chatbot 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-13091

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'qcldwpcfbfileupload' function in all versions up to, and including, 13.5.4. This makes it possible for unauthenticated attackers to upload arbitrary files on th...

CVE-2024-12879

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'qcwplatestupdatecheckpro' function in all versions up to, and including, 13.5.5. This makes it possible for authenticated attackers, with...