cleantalk
Vulnerabilities and Security Researches

AI Engine, 21a6533cf7116e730acb86ec7750d660dce20694

CVE, Research URL

21a6533cf7116e730acb86ec7750d660dce20694

Home page URL

Security reports for AI Engine

Application

AI Engine

Published on
May 19, 2023
Research Description
AI Engine &#8211; The Chatbot, AI Framework &amp; MCP for WordPress [ai-engine] < 1.6.83 WordPress AI Engine: ChatGPT Chatbot Plugin < 1.6.83 is vulnerable to Cross Site Scripting (XSS) Update the WordPress AI Engine: ChatGPT Chatbot plugin to the latest available version (at least 1.6.83). WPScanTeam discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress AI Engine: ChatGPT Chatbot Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.6.83.
Affected versions
max 1.6.83.
Status
vulnerable
Previous vulnerability researches
WP-Appbox (CVE-2025-1489) , Feb 24, 2025
WP-Appbox (b78e4a3b-e432-4968-8b83-125f3bac15cd) , Jun 16, 2026
WP-Appbox (38323495c61fe870f9687d2fb34e8fdaa47f2cea) , Jun 16, 2026
WP-Appbox (cec60394318af09fd303e279df20a93f055a959c) , Jun 16, 2026
WP-Appbox (CVE-2024-12710) , Dec 25, 2024
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026