2 matches found
CVE-2023-48741
CVE-2023-48741 : SQL Injection in the WordPress AI ChatBot plugin (ChatBot) affecting versions up to 4.7.8. Root cause: improper neutralization of input in the SQL query (orderby parameter) leading to potential data exposure. Impact per sources includes high confidentiality/integrity/availability...
CVE-2023-44993
The CVE-2023-44993 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in the QuantumCloud AI ChatBot WordPress plugin, affecting versions ≤ 4.7.8. The root cause is CSRF in the plugin’s request handling, with PatchStack noting the fix shipped in version 4.7.9 and indicating the iss...