cleantalk
Vulnerabilities and Security Researches

AI ChatBot, CVE-2023-4253

CVE, Research URL

CVE-2023-4253

Home page URL

Security reports for AI ChatBot

Application

AI ChatBot

Published on
Sep 04, 2023
Research Description
The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions
Min -, max 4.7.8.
Status
vulnerable
Previous vulnerability researches
Labinator Content Types Duplicator (CVE-2025-31809) , Apr 03, 2025
Theme Duplicator (CVE-2025-31845) , Apr 03, 2025
WP Bulk Post Duplicator (CVE-2025-28884) , Mar 13, 2025
Multisite Post Duplicator (CVE-2016-10944) , Jun 07, 2024
Theme File Duplicator (CVE-2025-27283) , Feb 27, 2025
New vulnerability
PDF Flipbook, 3D Flipbook – DearFlip (CVE-2024-4367) , May 07, 2025
Import any XML or CSV File to WordPress (CVE-2014-2054) , May 07, 2025
WC Affiliate – A Full-fledged Affiliate Manager for WooCommerce (CVE-2024-12321) , May 07, 2025
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2024-13741) , May 07, 2025
Theme Blvd Sliders (CVE-2025-46456) , May 07, 2025