Skip to main content

Chatbot For Ecommerce 8211 Woowbot

1 CVEs product

Monthly

CVE-2026-57414 MEDIUM This Month

Stored Cross-Site Scripting in QuantumCloud's WoowBot (ChatBot for eCommerce) WordPress plugin allows authenticated low-privileged users to inject persistent malicious scripts that execute in victims' browsers when stored content is rendered. Versions through 4.6.1 are affected, with a scope change confirmed by the CVSS vector (S:C), meaning attacker-controlled JavaScript runs in the context of other users - including administrators. No public exploit code has been identified at time of analysis and the vulnerability is not listed in CISA KEV.

XSS WordPress Chatbot For Ecommerce 8211 Woowbot
NVD
CVSS 3.1
6.5
EPSS
0.2%
EPSS 0% CVSS 6.5
MEDIUM This Month

Stored Cross-Site Scripting in QuantumCloud's WoowBot (ChatBot for eCommerce) WordPress plugin allows authenticated low-privileged users to inject persistent malicious scripts that execute in victims' browsers when stored content is rendered. Versions through 4.6.1 are affected, with a scope change confirmed by the CVSS vector (S:C), meaning attacker-controlled JavaScript runs in the context of other users - including administrators. No public exploit code has been identified at time of analysis and the vulnerability is not listed in CISA KEV.

XSS WordPress Chatbot For Ecommerce 8211 Woowbot
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy