CVE-2024-6843

State: PUBLISHED · Published: 2024-08-19 · Updated: 2024-08-21 · Assigner: WPScan

Description

The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not sanitise and escape user inputs, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks against admins

CWE

(none)

Affected

Unknown / Chatbot with ChatGPT WordPress — v=0 <2.4.5 [affected]

CVSS

(none)

References

https://wpscan.com/vulnerability/9a5cb440-065a-445a-9a09-55bd5f782e85/ exploit, vdb-entry, technical-description

Source

cvelistV5-main/cves/2024/6xxx/CVE-2024-6843.json