Filtered by vendor Smartsearchwp
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-6846 | 1 Smartsearchwp | 1 Chatbot With Chatgpt Wordpress | 2024-09-05 | 5.3 Medium |
The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not validate access on some REST routes, allowing for an unauthenticated user to purge error and chat logs | ||||
CVE-2024-6847 | 1 Smartsearchwp | 1 Chatbot With Chatgpt Wordpress | 2024-08-20 | 9.8 Critical |
The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users when submitting messages to the chatbot. |
Page 1 of 1.