Vulnerabilities > Kognetiks

DATE CVE VULNERABILITY TITLE RISK
2024-11-13 CVE-2024-10529 Missing Authorization vulnerability in Kognetiks Chatbot
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_assistant() function in all versions up to, and including, 2.1.7.
network
low complexity
kognetiks CWE-862
5.3
5.3
2024-11-13 CVE-2024-10530 Missing Authorization vulnerability in Kognetiks Chatbot
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the add_new_assistant() function in all versions up to, and including, 2.1.7.
network
low complexity
kognetiks CWE-862
4.3
4.3
2024-11-13 CVE-2024-10531 Missing Authorization vulnerability in Kognetiks Chatbot
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_assistant() function in all versions up to, and including, 2.1.7.
network
low complexity
kognetiks CWE-862
4.3
4.3
2024-11-13 CVE-2024-10684 Cross-site Scripting vulnerability in Kognetiks Chatbot
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dir' parameter in all versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping.
network
low complexity
kognetiks CWE-79
6.1
6.1
2024-11-13 CVE-2024-11143 Cross-Site Request Forgery (CSRF) vulnerability in Kognetiks Chatbot
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.8.
network
low complexity
kognetiks CWE-352
4.3
4.3