Total
22 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-1011 | 1 Quantumcloud | 1 Ai Chatbot | 2024-11-21 | N/A | 6.1 MEDIUM |
The AI ChatBot WordPress plugin before 4.4.5 does not escape most of its settings before outputting them back in the dashboard, and does not have a proper CSRF check, allowing attackers to make a logged in admin set XSS payloads in them. | |||||
CVE-2022-47613 | 1 Quantumcloud | 1 Ai Chatbot | 2024-11-21 | N/A | 5.9 MEDIUM |
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in QuantumCloud AI ChatBot plugin <= 4.3.0 versions. |