Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown
CVE-2024-6846
Disclosure Date: September 05, 2024 (last updated September 05, 2024)
The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not validate access on some REST routes, allowing for an unauthenticated user to purge error and chat logs
0
Attacker Value
Unknown
CVE-2024-6847
Disclosure Date: August 20, 2024 (last updated August 20, 2024)
The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users when submitting messages to the chatbot.
0
Attacker Value
Unknown
CVE-2024-6843
Disclosure Date: August 19, 2024 (last updated August 19, 2024)
The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not sanitise and escape user inputs, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks against admins
0
