Vulnerabilities and security researches forchatbot-support-ai chatbot-support-ai

Aug 12, 2024

CVE, Research URL: CVE-2024-6722
Home page URL: Security reports for Chatbot Support AI: Free ChatGPT Chatbot, Woocommerce Chatbot
Application: Chatbot Support AI: Free ChatGPT Chatbot, Woocommerce Chatbot
Date: Sep 04, 2024
Research Description: The Chatbot Support AI: Free ChatGPT Chatbot, Woocommerce Chatbot WordPress plugin through 1.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions: Min -, max -.
Status: vulnerable