Vulnerabilities > Kognetiks
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-13 | CVE-2024-10530 | Missing Authorization vulnerability in Kognetiks Chatbot The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the add_new_assistant() function in all versions up to, and including, 2.1.7. | 4.3 |
2024-11-13 | CVE-2024-10531 | Unspecified vulnerability in Kognetiks Chatbot The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_assistant() function in all versions up to, and including, 2.1.7. | 4.3 |
2024-11-13 | CVE-2024-10684 | Cross-site Scripting vulnerability in Kognetiks Chatbot The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dir' parameter in all versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping. | 6.1 |
2024-11-13 | CVE-2024-11143 | Cross-Site Request Forgery (CSRF) vulnerability in Kognetiks Chatbot The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.8. | 4.3 |