cleantalk
Vulnerabilities and Security Researches

AI Engine, CVE-2024-6723

CVE, Research URL

CVE-2024-6723

Application

AI Engine

Published on
Sep 13, 2024
Research Description
The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions.
Affected versions
Min -, max 2.4.8.
Status
vulnerable