Lucene search
K

59 matches found

Patchstack
Patchstack
added 2023/11/23 12:0 a.m.14 views

WordPress ChatBot Plugin <= 4.7.8 is vulnerable to SQL Injection

Software ChatBot Type Plugin Vulnerable versions = 4.7.8 Fixed in 4.7.9 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-48741 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 1bfb272c13b3 Credits Mika Required privilege Administrator Published 23...

7.6CVSS7.2AI score0.00725EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/11/02 9:15 a.m.2 views

CVE-2023-5606

The ChatBot for WordPress is vulnerable to Stored Cross-Site Scripting via the FAQ Builder in versions 4.8.6 through 4.9.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject...

4.8CVSS5.9AI score0.0032EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/11/02 9:15 a.m.1 views

CVE-2023-5606

The ChatBot for WordPress is vulnerable to Stored Cross-Site Scripting via the FAQ Builder in versions 4.8.6 through 4.9.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject...

4.8CVSS5.9AI score0.00416EPSS
Exploits2References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/18 12:0 a.m.6 views

PT-2023-31969 · WordPress · The Ai Chatbot For Wordpress

Name of the Vulnerable Software and Affected Versions: The AI ChatBot for WordPress versions up to, and including, 4.8.9 The AI ChatBot for WordPress version 4.9.2 Description: The issue allows subscriber-level attackers to perform Directory Traversal, potentially leading to a Denial of Service D...

9.6CVSS8.8AI score0.02066EPSS
Exploits2References9
Patchstack
Patchstack
added 2023/10/12 12:0 a.m.20 views

WordPress ChatBot Plugin <= 4.8.9 is vulnerable to Path Traversal

Software ChatBot Type Plugin Vulnerable versions = 4.8.9 Fixed in 4.9.1 OWASP Top 10 A3: Injection Classification Path Traversal CVE CVE-2023-5241 Patch priority High CVSS severity High 9.6 Developer Claim ownership PSID 066f9b5875d8 Credits Marco Wotschka Required privilege Subscriber Published ...

9.6CVSS6.7AI score0.02066EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/10/12 12:0 a.m.19 views

WordPress ChatBot Plugin <= 4.8.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software ChatBot Type Plugin Vulnerable versions = 4.8.9 Fixed in 4.9.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5534 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID dd9ca26e2bc4 Credits Marco Wotschka Required...

5.4CVSS6.5AI score0.00206EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/10/12 12:0 a.m.12 views

WordPress ChatBot Plugin <= 4.8.9 is vulnerable to Sensitive Data Exposure

Software ChatBot Type Plugin Vulnerable versions = 4.8.9 Fixed in 4.9.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-5254 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID a08bb4253476 Credits Marco Wotschka Required privilege...

5.3CVSS6.5AI score0.00767EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2023/10/12 12:0 a.m.30 views

WordPress ChatBot Plugin <= 4.8.9 is vulnerable to Broken Access Control

Software ChatBot Type Plugin Vulnerable versions = 4.8.9 Fixed in 4.9.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-5533 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ffa27d384955 Credits Marco Wotschka Required privilege...

9.8CVSS6.5AI score0.00531EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/10/02 12:0 a.m.13 views

WordPress ChatBot Plugin <= 4.7.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software ChatBot Type Plugin Vulnerable versions = 4.7.8 Fixed in 4.7.9 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-44993 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 595f79a2846b Credits Mika Required privilege...

8.8CVSS6.6AI score0.00214EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/08/10 12:0 a.m.17 views

WordPress ChatBot Plugin < 4.7.8 is vulnerable to Cross Site Scripting (XSS)

Software ChatBot Type Plugin Vulnerable versions 4.7.8 Fixed in 4.7.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4253 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1272ce44f1e5 Credits Nguyen Hoang Nam Required privileg...

4.8CVSS5.7AI score0.00416EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/08/10 12:0 a.m.16 views

WordPress ChatBot Plugin < 4.7.8 is vulnerable to Cross Site Scripting (XSS)

Software ChatBot Type Plugin Vulnerable versions 4.7.8 Fixed in 4.7.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4254 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c88c0ce63b6b Credits Bob Matyas Required privilege...

4.8CVSS5.7AI score0.00408EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/06/19 12:0 a.m.20 views

WordPress ChatBot Plugin < 4.5.6 is vulnerable to Cross Site Scripting (XSS)

Software ChatBot Type Plugin Vulnerable versions 4.5.6 Fixed in 4.5.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2811 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID eb7005b63455 Credits NGO VAN TU Required privilege...

4.8CVSS5.7AI score0.00442EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/04/20 12:0 a.m.24 views

WordPress ChatBot Plugin <= 4.4.6 is vulnerable to PHP Object Injection

Software ChatBot Type Plugin Vulnerable versions = 4.4.6 Fixed in 4.4.7 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-1650 Patch priority High CVSS severity High 5.4 Developer Claim ownership PSID 84bd0e4874e7 Credits Erwan LR Required privilege Unauthenticated...

9.8CVSS7.2AI score0.34351EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/04/20 12:0 a.m.11 views

WordPress ChatBot Plugin <= 4.4.8 is vulnerable to Cross Site Scripting (XSS)

Software ChatBot Type Plugin Vulnerable versions = 4.4.8 Fixed in 4.4.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1651 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 0fe1f44f2072 Credits Erwan LR Required privilege...

5.4CVSS5.9AI score0.00242EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/04/20 12:0 a.m.17 views

WordPress ChatBot Plugin <= 4.4.8 is vulnerable to Cross Site Scripting (XSS)

Software ChatBot Type Plugin Vulnerable versions = 4.4.8 Fixed in 4.4.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1660 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 427a28b8a8ff Credits Erwan LR Required privilege...

6.1CVSS5.9AI score0.00269EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/04/20 12:0 a.m.11 views

WordPress ChatBot Plugin <= 4.4.4 is vulnerable to Cross Site Scripting (XSS)

Software ChatBot Type Plugin Vulnerable versions = 4.4.4 Fixed in 4.4.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1011 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID b672166ed65f Credits Erwan LR Required privilege...

6.1CVSS6AI score0.00237EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/03/30 12:0 a.m.4 views

WordPress ChatBot Plugin <= 4.4.7 is vulnerable to Broken Access Control

Software ChatBot Type Plugin Vulnerable versions = 4.4.7 Fixed in 4.4.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID 306f61075427 Credits Unknown Required privilege Subscriber...

6.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/01/27 12:0 a.m.20 views

WordPress ChatBot Plugin <= 4.2.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software ChatBot Type Plugin Vulnerable versions = 4.2.8 Fixed in 4.2.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-24415 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 56586a24f6dd Credits Rafshanzani Suhada Required...

8.8CVSS6.7AI score0.00264EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/01/27 12:0 a.m.17 views

WordPress ChatBot Plugin <= 4.3.0 is vulnerable to Cross Site Scripting (XSS)

Software ChatBot Type Plugin Vulnerable versions = 4.3.0 Fixed in 4.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47613 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 55e5078b9db7 Credits Rafshanzani Suhada Required...

5.9CVSS5.8AI score0.00421EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder