Lucene search
K

53 matches found

Positive Technologies
Positive Technologies
added 2025/05/19 12:0 a.m.5 views

PT-2025-22067 · WordPress · Quantumcloud Wpbot Pro

Name of the Vulnerable Software and Affected Versions: QuantumCloud WPBot Pro Wordpress Chatbot versions n/a through 12.7.0 Description: The issue is related to the deserialization of untrusted data, allowing object injection in the QuantumCloud WPBot Pro Wordpress Chatbot. This can be exploited...

9.8CVSS9.4AI score0.00489EPSS
Exploits0References4
NVD
NVD
added 2025/05/17 6:15 a.m.12 views

CVE-2025-3812

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the qcldopenaideletetrainingfile function in all versions up to, and including, 13.6.2. This makes it possible for authenticated attackers, with Subscriber-lev...

8.1CVSS0.00505EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/17 5:30 a.m.6 views

CVE-2025-3812 WPBot Pro Wordpress Chatbot <= 13.6.2 - Authenticated (Subscriber+) Arbitrary File Deletion

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the qcldopenaideletetrainingfile function in all versions up to, and including, 13.6.2. This makes it possible for authenticated attackers, with Subscriber-lev...

8.1CVSS8.3AI score0.00505EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/17 12:0 a.m.5 views

PT-2025-21775 · WordPress · Wpbot Pro

Name of the Vulnerable Software and Affected Versions: WPBot Pro Wordpress Chatbot plugin versions up to, and including, 13.6.2 Description: The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the qcld openai...

8.1CVSS8.9AI score0.00505EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/05/17 12:0 a.m.2 views

WordPress plugin WPBot Pro Wordpress Chatbot 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.1CVSS8.3AI score0.00505EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/05/16 10:12 p.m.6 views

WordPress WPBot Pro Wordpress Chatbot plugin <= 13.6.2 - Authenticated (Subscriber+) Arbitrary File Deletion vulnerability

Authenticated Subscriber+ Arbitrary File Deletion vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WPBot Pro Wordpress Chatbot versions = 13.6.2...

8.1CVSS8.4AI score0.00505EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/02/25 2:17 p.m.23 views

CVE-2025-26932 WordPress WPBot plugin <= 6.3.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in QuantumCloud ChatBot chatbot allows PHP Local File Inclusion.This issue affects ChatBot: from n/a through = 6.3.5...

7.5CVSS0.00711EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/25 2:17 p.m.8 views

CVE-2025-26932 WordPress WPBot plugin <= 6.3.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in QuantumCloud ChatBot chatbot allows PHP Local File Inclusion.This issue affects ChatBot: from n/a through = 6.3.5...

7.5CVSS8.7AI score0.00711EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/02/23 9:59 p.m.4 views

WordPress WPBot plugin <= 6.3.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin ChatBot versions = 6.3.5...

7.5CVSS7AI score0.00711EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/04 11:53 p.m.8 views

CVE-2024-13091

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'qcldwpcfbfileupload' function in all versions up to, and including, 13.5.4. This makes it possible for unauthenticated attackers to upload arbitrary files on th...

9.8CVSS8AI score0.00815EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/22 5:23 a.m.34 views

CVE-2024-12879 WPBot Pro Wordpress Chatbot <= 13.5.5 - Missing Authorization to Authenticated (Subscriber+) Simple Text Response Creation

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'qcwplatestupdatecheckpro' function in all versions up to, and including, 13.5.5. This makes it possible for authenticated attackers, with...

4.3CVSS0.00257EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/22 5:23 a.m.10 views

CVE-2024-12879 WPBot Pro Wordpress Chatbot <= 13.5.5 - Missing Authorization to Authenticated (Subscriber+) Simple Text Response Creation

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'qcwplatestupdatecheckpro' function in all versions up to, and including, 13.5.5. This makes it possible for authenticated attackers, with...

4.3CVSS5.3AI score0.00257EPSS
Exploits0References2
CVE
CVE
added 2025/01/22 5:23 a.m.61 views

CVE-2024-12879

CVE-2024-12879 concerns WPBot Pro WordPress Chatbot plugin (versions up to and including 13.5.5). The connected sources confirm a missing capability check in the qc_wp_latest_update_check_pro function that permits authenticated users with Subscriber-level access and above to create Simple Text Re...

4.3CVSS4.4AI score0.00257EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2025/01/22 12:15 a.m.11 views

CVE-2024-13091

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'qcldwpcfbfileupload' function in all versions up to, and including, 13.5.4. This makes it possible for unauthenticated attackers to upload arbitrary files on th...

9.8CVSS0.00815EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/22 12:0 a.m.9 views

PT-2025-1975 · WordPress · Wpbot Pro

Name of the Vulnerable Software and Affected Versions: WPBot Pro Wordpress Chatbot plugin for WordPress versions up to, and including, 13.5.5 Description: The issue allows authenticated attackers with Subscriber-level access and above to create Simple Text Responses to chat queries due to a missi...

4.3CVSS6.7AI score0.00257EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/01/21 11:20 p.m.16 views

CVE-2024-13091 WPBot Pro Wordpress Chatbot <= 13.5.4 - Unauthenticated Arbitrary File Upload

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'qcldwpcfbfileupload' function in all versions up to, and including, 13.5.4. This makes it possible for unauthenticated attackers to upload arbitrary files on th...

9.8CVSS0.00815EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/21 11:20 p.m.19 views

CVE-2024-13091 WPBot Pro Wordpress Chatbot <= 13.5.4 - Unauthenticated Arbitrary File Upload

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'qcldwpcfbfileupload' function in all versions up to, and including, 13.5.4. This makes it possible for unauthenticated attackers to upload arbitrary files on th...

9.8CVSS8AI score0.00815EPSS
Exploits0References2
CVE
CVE
added 2025/01/21 11:20 p.m.68 views

CVE-2024-13091

CVE-2024-13091 affects the WPBot Pro WordPress plugin (versions ≤ 13.5.4). The vulnerability stems from missing file-type validation in the qcld_wpcfb_file_upload function, allowing unauthenticated attackers to upload arbitrary files to the server. This could enable remote code execution, especia...

9.8CVSS9.9AI score0.00815EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2025/01/21 8:54 p.m.5 views

WordPress WPBot Pro Wordpress Chatbot plugin <= 13.5.5 - Missing Authorization to Authenticated (Subscriber+) Simple Text Response Creation vulnerability

Missing Authorization to Authenticated Subscriber+ Simple Text Response Creation vulnerability discovered by BrokenAC ignore in WordPress Plugin WPBot Pro Wordpress Chatbot versions = 13.5.5...

4.3CVSS7AI score0.00257EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/01/21 11:48 a.m.5 views

WordPress WPBot Pro Wordpress Chatbot plugin <= 13.5.4 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by István Márton in WordPress Plugin WPBot Pro Wordpress Chatbot versions = 13.5.4...

9.8CVSS7AI score0.00815EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder