cleantalk
Vulnerabilities and Security Researches

Kognetiks Chatbot for WordPress, CVE-2024-10531

CVE, Research URL

CVE-2024-10531

Home page URL

Security reports for Kognetiks Chatbot for WordPress

Application

Kognetiks Chatbot for WordPress

Published on
Nov 13, 2024
Research Description
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_assistant() function in all versions up to, and including, 2.1.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to update GTP assistants.
Affected versions
Min -, max 2.1.8.
Status
vulnerable
Previous vulnerability researches
Kognetiks Chatbot for WordPress (CVE-2024-35738) , Jun 10, 2024
Kognetiks Chatbot for WordPress (CVE-2024-4560) , Jun 07, 2024
Kognetiks Chatbot for WordPress (CVE-2024-10530) , Nov 14, 2024
Kognetiks Chatbot for WordPress (CVE-2024-32700) , Jun 07, 2024
Kognetiks Chatbot for WordPress (CVE-2024-10531) , Nov 14, 2024
New vulnerability
Xavin's List Subpages (CVE-2025-4220) , May 08, 2025
CarDealerPress (CVE-2025-3860) , May 08, 2025
Crossword Compiler Puzzles (CVE-2025-46493) , May 08, 2025
Frontend Dashboard (CVE-2025-4104) , May 08, 2025
Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce (CVE-2025-0671) , May 08, 2025