Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Remote unauthenticated request with no interaction (AV:N/AC:L/PR:N/UI:N); impact is content deletion affecting availability only (A:H), with no confidentiality or integrity loss.
Primary rating from Vendor (Patchstack).
CVSS VectorVendor: Patchstack
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
2DescriptionCVE.org
Unauthenticated Arbitrary Content Deletion in OpenAI Chatbot for WordPress - Helper <= 1.1.4 versions.
AnalysisAI
Arbitrary content deletion in the Merkulove 'OpenAI Chatbot for WordPress - Helper' plugin (versions 1.1.4 and earlier) lets remote unauthenticated attackers destroy site content by invoking a plugin action that lacks an authorization check. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N, A:H) confirms network-reachable, no-privilege, no-interaction exploitation with high availability impact and no confidentiality or integrity compromise. No public exploit identified at time of analysis, and it is not listed in CISA KEV.
Technical ContextAI
The affected component is a WordPress plugin (CPE cpe:2.3:a:merkulove:openai_chatbot_for_wordpress_-_helper) that integrates OpenAI-powered chatbot functionality into WordPress sites. The root cause is CWE-862 (Missing Authorization): a content-deletion endpoint - typically an AJAX (admin-ajax.php) or REST handler in WordPress plugins of this type - is registered without a capability check or nonce validation, so it executes for any caller including anonymous (nopriv) requests. WordPress plugins commonly expose such actions via the wp_ajax_nopriv_ hook, and when the deletion logic omits current_user_can() gating, any visitor can trigger destructive operations.
RemediationAI
No vendor-released patch version is identified in the available data, so no fixed version can be cited with confidence; consult the Patchstack advisory (https://patchstack.com/database/wordpress/plugin/helper/vulnerability/wordpress-openai-chatbot-for-wordpress-helper-plugin-1-1-4-arbitrary-content-deletion-vulnerability?_s_id=cve) and the plugin vendor for an upgrade beyond 1.1.4. Until a patched release is confirmed, the safest compensating control is to deactivate and remove the plugin, which fully eliminates the vulnerable endpoint at the cost of losing chatbot functionality. If the plugin must remain active, place a Web Application Firewall (Patchstack's own vPatch or an equivalent WAF) in front of the site to block requests to the plugin's deletion action, and restrict access to wp-admin/admin-ajax.php and any plugin REST routes by IP where feasible - noting that admin-ajax.php restrictions can break legitimate front-end AJAX features and must be tested.
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-210403
GHSA-7hx3-543p-gqmx