cleantalk
Vulnerabilities and Security Researches

AI ChatBot, CVE-2023-4253

CVE, Research URL

CVE-2023-4253

Home page URL

Security reports for AI ChatBot

Application

AI ChatBot

Published on
Sep 04, 2023
Research Description
The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions
Min -, max 4.7.8.
Status
vulnerable
Previous vulnerability researches
Premium Addons for Elementor (CVE-2024-6495) , Jul 13, 2024
Premium Addons for Elementor (CVE-2024-56225) , Dec 23, 2024
Premium Addons for Elementor (CVE-2024-2664) , Jun 07, 2024
Premium Addons for Elementor (CVE-2021-24257) , Jun 07, 2024
Premium Addons for Elementor (CVE-2024-1242) , Jun 07, 2024
New vulnerability
Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor (CVE-2025-1986) , May 07, 2025
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates (CVE-2024-13803) , May 07, 2025
Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler (CVE-2022-4974) , May 07, 2025
Admin and Site Enhancements (ASE) (CVE-2024-43333) , May 07, 2025
EventPrime – Events Calendar, Bookings and Tickets (CVE-2024-9864) , May 07, 2025