EUVD-2024-47721

Malicious code in bioql PyPI...

CVE-2025-9111 WPBOT < 7.1.0 - Admin+ Stored XSS

The AI ChatBot for WordPress WordPress plugin before 7.1.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress WPBot plugin <= 6.3.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin ChatBot versions = 6.3.5...

CVE-2024-6669

The AI ChatBot for WordPress – WPBot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-6669

The CVE CVE-2024-6669 affects the WPBot WordPress plugin (AI ChatBot for WordPress) up to version 5.5.7, enabling Stored Cross-Site Scripting via admin settings and requiring administrator+ privileges. Impact is limited to multisite setups or where unfiltered_html is disabled; a fix exists in ver...

WordPress AI ChatBot for WordPress – WPBot plugin <= 5.5.7 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Artem Polynko Artem Polynko in WordPress Plugin ChatBot versions = 5.5.7...

PT-2024-37788 · WordPress · Wpbot

Name of the Vulnerable Software and Affected Versions: The AI ChatBot for WordPress – WPBot plugin for WordPress versions up to, and including, 5.5.7 Description: The issue is related to Stored Cross-Site Scripting via admin settings due to insufficient input sanitization and output escaping. Thi...