4 matches found
CVE-2024-6845
CVE-2024-6845 affects SmartSearchWP (Chatbot with ChatGPT WordPress plugin)
CVE-2024-6846
The CVE-2024-6846 entry concerns the WordPress plugin “Chatbot with ChatGPT” (SmartSearchWP) before 2.4.5. Technical details across connected documents show improper access control on certain REST routes, allowing an unauthenticated user to purge error and chat logs. Affected component: the REST ...
CVE-2024-6843
CVE-2024-6843 affects the WordPress Chatbot with ChatGPT plugin prior to version 2.4.5. The issue is stored XSS caused by insufficient sanitization/escaping of user inputs, enabling unauthenticated users to inject scripts that can affect admins. Red Hat’s entry reiterates the same description. Im...
CVE-2024-6847
CVE-2024-6847 affects the WordPress plugin Chatbot with ChatGPT WordPress, version prior to 2.4.5. The issue is an unsanitized/uncleaned parameter being used in a SQL statement, enabling unauthenticated SQL injection when users submit messages to the chatbot. Impact is high (unauthenticated acces...