Lucene search
+L
QuantumcloudWpbot

8 matches found

CVE
CVE
added 2023/11/02 8:31 a.m.106 views

CVE-2023-5606

The CVE-2023-5606 issue affects the WordPress Plugin ChatBot, specifically versions 4.8.6 through 4.9.6. The root cause is insufficient input sanitization and output escaping in the FAQ Builder, enabling Stored Cross-Site Scripting. Impact is limited to sites using multisite installations or with...

4.8CVSS4.9AI score0.0032EPSS
CVE
CVE
added 2023/09/04 11:26 a.m.99 views

CVE-2023-4253

The CVE-2023-4253 entry concerns the WordPress plugin AI ChatBot (up to version 4.7.8). The issue is improper sanitisation/escaping of certain settings, enabling stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed. Public details in connected Red Hat and NVD ...

4.8CVSS4.6AI score0.00416EPSS
CVE
CVE
added 2023/06/19 10:52 a.m.94 views

CVE-2023-2811

CVE-2023-2811 affects the AI ChatBot WordPress plugin (pre-4.5.6). The issue is due to insufficient sanitisation/escaping of numerous settings, allowing stored cross-site scripting that can impact all admins when configuring the chatbot and all users of the chatbot. The primary root cause is impr...

4.8CVSS5AI score0.00442EPSS
CVE
CVE
added 2023/05/08 1:58 p.m.67 views

CVE-2023-1649

CVE-2023-1649 affects the AI ChatBot WordPress plugin prior to version 4.5.1. The flaw arises from insufficient sanitization/escaping of numerous settings, enabling Stored XSS by high-privilege users (e.g., admins), including in multisite configurations where unfiltered_html is disallowed. The vu...

4.8CVSS4.9AI score0.00442EPSS
CVE
CVE
added 2023/09/04 11:26 a.m.62 views

CVE-2023-4254

The CVE-2023-4254 entry concerns the AI ChatBot WordPress plugin prior to version 4.7.8, which fails to sanitise/escape certain settings, enabling Stored XSS by high-privilege users (e.g., Admin) even when unfiltered_html is disallowed (such as in multisite). Public details in connected documents...

4.8CVSS4.9AI score0.00408EPSS
CVE
CVE
added 2023/06/19 10:52 a.m.60 views

CVE-2023-2742

CVE-2023-2742 affects the AI ChatBot WordPress plugin (pre-4.5.5). The vulnerability is a stored XSS due to unsanitized/uncleaned settings in the admin UI, allowing an admin (high-privilege user) to inject scripts even when unfiltered_html is disallowed. Root cause: settings are not sanitized/esc...

4.8CVSS4.8AI score0.0047EPSS
CVE
CVE
added 2023/07/10 12:40 p.m.50 views

CVE-2023-3175

The CVE-2023-3175 entry is supported by multiple connected documents describing a stored Cross-Site Scripting vulnerability in the AI ChatBot WordPress plugin prior to version 4.6.1. The issue arises because certain settings are not adequately escaped, allowing high-privilege users (e.g., admins)...

4.8CVSS4.8AI score0.00614EPSS
CVE
CVE
added 2025/05/15 8:7 p.m.45 views

CVE-2025-0329

The CVE-2025-0329 entry concerns the AI ChatBot for WordPress (WPBot) plugin for WordPress, affected versions prior to 6.2.4. The root cause is insufficient sanitization and escaping of certain settings, which could enable stored cross-site scripting (XSS) by high-privilege users (e.g., admins), ...

4.8CVSS5.8AI score0.00219EPSS