Quantumcloud Wpbot – Ai Chatbot For Live Support, Lead Generation, Ai Services
10 CVEs affecting Quantumcloud Wpbot – Ai Chatbot For Live Support, Lead Generation, Ai Services. Latest disclosed: 2024-07-17. Critical: 3, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-5204 | Critical | 9.8 | 2023-10-19 | The ChatBot plugin for WordPress is vulnerable to SQL Injection via the $strid parameter in versions up to, and including, 4.8.9 due to insufficient escaping o… |
CVE-2023-5212 | Critical | 9.6 | 2023-10-19 | The AI ChatBot plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 4.8.9 as well as version 4.9.2. This makes it po… |
CVE-2023-5241 | Critical | 9.6 | 2023-10-19 | The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcld_openai_upload_pagetrain… |
CVE-2024-6669 | Medium | 5.5 | 2024-07-17 | The AI ChatBot for WordPress – WPBot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including… |
CVE-2023-5533 | Medium | 5.3 | 2023-10-20 | The AI ChatBot plugin for WordPress is vulnerable to unauthorized use of AJAX actions due to missing capability checks on the corresponding functions in versio… |
CVE-2023-5254 | Medium | 5.3 | 2023-10-19 | The ChatBot plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.8.9 via the qcld_wb_chatbot_check_user fun… |
CVE-2024-0453 | Medium | 5.0 | 2024-05-22 | The AI ChatBot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the openai_file_delete_callback fun… |
CVE-2024-0452 | Medium | 5.0 | 2024-05-22 | The AI ChatBot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the openai_file_upload_callback fun… |
CVE-2024-0451 | Medium | 5.0 | 2024-05-22 | The AI ChatBot plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the openai_file_list_callback function in… |
CVE-2023-5534 | Medium | 4.3 | 2023-10-20 | The AI ChatBot plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.8.9 and 4.9.2. This is due to missing or in… |