59 matches found
WordPress ChatBot Plugin <= 4.7.8 is vulnerable to SQL Injection
Software ChatBot Type Plugin Vulnerable versions = 4.7.8 Fixed in 4.7.9 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-48741 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 1bfb272c13b3 Credits Mika Required privilege Administrator Published 23...
CVE-2023-5606
The ChatBot for WordPress is vulnerable to Stored Cross-Site Scripting via the FAQ Builder in versions 4.8.6 through 4.9.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject...
CVE-2023-5606
The ChatBot for WordPress is vulnerable to Stored Cross-Site Scripting via the FAQ Builder in versions 4.8.6 through 4.9.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject...
PT-2023-31969 · WordPress · The Ai Chatbot For Wordpress
Name of the Vulnerable Software and Affected Versions: The AI ChatBot for WordPress versions up to, and including, 4.8.9 The AI ChatBot for WordPress version 4.9.2 Description: The issue allows subscriber-level attackers to perform Directory Traversal, potentially leading to a Denial of Service D...
WordPress ChatBot Plugin <= 4.8.9 is vulnerable to Path Traversal
Software ChatBot Type Plugin Vulnerable versions = 4.8.9 Fixed in 4.9.1 OWASP Top 10 A3: Injection Classification Path Traversal CVE CVE-2023-5241 Patch priority High CVSS severity High 9.6 Developer Claim ownership PSID 066f9b5875d8 Credits Marco Wotschka Required privilege Subscriber Published ...
WordPress ChatBot Plugin <= 4.8.9 is vulnerable to Cross Site Request Forgery (CSRF)
Software ChatBot Type Plugin Vulnerable versions = 4.8.9 Fixed in 4.9.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5534 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID dd9ca26e2bc4 Credits Marco Wotschka Required...
WordPress ChatBot Plugin <= 4.8.9 is vulnerable to Sensitive Data Exposure
Software ChatBot Type Plugin Vulnerable versions = 4.8.9 Fixed in 4.9.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-5254 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID a08bb4253476 Credits Marco Wotschka Required privilege...
WordPress ChatBot Plugin <= 4.8.9 is vulnerable to Broken Access Control
Software ChatBot Type Plugin Vulnerable versions = 4.8.9 Fixed in 4.9.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-5533 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ffa27d384955 Credits Marco Wotschka Required privilege...
WordPress ChatBot Plugin <= 4.7.8 is vulnerable to Cross Site Request Forgery (CSRF)
Software ChatBot Type Plugin Vulnerable versions = 4.7.8 Fixed in 4.7.9 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-44993 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 595f79a2846b Credits Mika Required privilege...
WordPress ChatBot Plugin < 4.7.8 is vulnerable to Cross Site Scripting (XSS)
Software ChatBot Type Plugin Vulnerable versions 4.7.8 Fixed in 4.7.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4253 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1272ce44f1e5 Credits Nguyen Hoang Nam Required privileg...
WordPress ChatBot Plugin < 4.7.8 is vulnerable to Cross Site Scripting (XSS)
Software ChatBot Type Plugin Vulnerable versions 4.7.8 Fixed in 4.7.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4254 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c88c0ce63b6b Credits Bob Matyas Required privilege...
WordPress ChatBot Plugin < 4.5.6 is vulnerable to Cross Site Scripting (XSS)
Software ChatBot Type Plugin Vulnerable versions 4.5.6 Fixed in 4.5.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2811 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID eb7005b63455 Credits NGO VAN TU Required privilege...
WordPress ChatBot Plugin <= 4.4.6 is vulnerable to PHP Object Injection
Software ChatBot Type Plugin Vulnerable versions = 4.4.6 Fixed in 4.4.7 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-1650 Patch priority High CVSS severity High 5.4 Developer Claim ownership PSID 84bd0e4874e7 Credits Erwan LR Required privilege Unauthenticated...
WordPress ChatBot Plugin <= 4.4.8 is vulnerable to Cross Site Scripting (XSS)
Software ChatBot Type Plugin Vulnerable versions = 4.4.8 Fixed in 4.4.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1651 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 0fe1f44f2072 Credits Erwan LR Required privilege...
WordPress ChatBot Plugin <= 4.4.8 is vulnerable to Cross Site Scripting (XSS)
Software ChatBot Type Plugin Vulnerable versions = 4.4.8 Fixed in 4.4.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1660 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 427a28b8a8ff Credits Erwan LR Required privilege...
WordPress ChatBot Plugin <= 4.4.4 is vulnerable to Cross Site Scripting (XSS)
Software ChatBot Type Plugin Vulnerable versions = 4.4.4 Fixed in 4.4.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1011 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID b672166ed65f Credits Erwan LR Required privilege...
WordPress ChatBot Plugin <= 4.4.7 is vulnerable to Broken Access Control
Software ChatBot Type Plugin Vulnerable versions = 4.4.7 Fixed in 4.4.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID 306f61075427 Credits Unknown Required privilege Subscriber...
WordPress ChatBot Plugin <= 4.2.8 is vulnerable to Cross Site Request Forgery (CSRF)
Software ChatBot Type Plugin Vulnerable versions = 4.2.8 Fixed in 4.2.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-24415 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 56586a24f6dd Credits Rafshanzani Suhada Required...
WordPress ChatBot Plugin <= 4.3.0 is vulnerable to Cross Site Scripting (XSS)
Software ChatBot Type Plugin Vulnerable versions = 4.3.0 Fixed in 4.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47613 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 55e5078b9db7 Credits Rafshanzani Suhada Required...