Vulnerabilities > Quantumcloud > AI Chatbot
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-08 | CVE-2023-1660 | Unspecified vulnerability in Quantumcloud AI Chatbot The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in a function hooked to init, allowing unauthenticated users to update some settings, leading to Stored XSS due to the lack of escaping when outputting them in the admin dashboard | 6.1 |
2023-03-29 | CVE-2022-47613 | Cross-site Scripting vulnerability in Quantumcloud AI Chatbot Auth. | 4.8 |