The AI ChatBot plugin for WordPress is vulnerable to unauthorized use of AJAX actions due to missing capability checks on the corresponding functions in versions up to, and including, 4.8.9 as well as 4.9.2. This makes it possible for unauthenticated attackers to perform some of those actions that were intended for higher privileged users.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published: 2023-10-20T07:29:26.096Z
Updated: 2024-08-02T07:59:44.769Z
Reserved: 2023-10-11T19:00:32.298Z
Link: CVE-2023-5533
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-10-20T08:15:13.450
Modified: 2024-11-21T08:41:57.297
Link: CVE-2023-5533
Redhat
No data.