Lucene search
WpvulndbWPVDB-ID:48C15A0B-2202-474D-BF4E-7096B9B0AD70HistoryOct 24, 2023 - 12:00 a.m.
AI ChatBot < 4.9.3 - Subscriber+ Arbitrary File Deletion
2023-10-2400:00:00
wpscan.com
5
ai chatbot
plugin vulnerability
file deletion
server
cve-2023-5212
Description The plugin does not properly validate files to be deleted in the qcld_openai_delete_training_file function, allowing users with roles as low as subscriber to delete arbitrary files on the server. This vulnerability is the same as CVE-2023-5212 but was accidentally reintroduced in version 4.9.2.
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 4.9.3 |
Related
cve
cve
CVE-2023-5647
2023-10-20 02:15:08
CVE-2023-5212
2023-10-19 06:15:11
nvd
nvd
CVE-2023-5647
2023-10-20 02:15:08
CVE-2023-5212
2023-10-19 06:15:11
prion
prion
Arbitrary file deletion
2023-10-19 06:15:00
wpvulndb
wpvulndb
AI ChatBot < 4.9.1 - Subscriber+ Arbitrary File Deletion
2023-10-24 00:00:00
cvelist
cvelist
CVE-2023-5647
2023-10-20 01:51:34
CVE-2023-5212
2023-10-19 05:34:11
zdt
zdt
packetstorm
packetstorm
WordPress AI ChatBot 4.8.9 SQL Injection / Traversal / File Deletion
2023-10-26 00:00:00
wordfence
wordfence
8 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
52.8%
Related for WPVDB-ID:48C15A0B-2202-474D-BF4E-7096B9B0AD70