2 matches found
CVE-2023-5533
CVE-2023-5533 affects the WordPress AI ChatBot plugin. The vulnerability arises from missing capability checks on multiple AJAX actions, allowing unauthenticated users to invoke actions intended for higher-privileged users. Affected versions are up to and including 4.8.9 and also 4.9.2. Wordfence...
CVE-2023-5534
Summary: CVE-2023-5534 concerns the AI ChatBot WordPress plugin with CSRF due to missing/incorrect nonce validation in certain functions, affecting versions ≤ 4.8.9 and 4.9.2. Unauthenticated attackers can exploit forged requests to trigger actions when a site admin is enticed to click links. Imp...