Skip to main content

Openai Chatbot For Wordpress Helper

1 CVEs product

Monthly

CVE-2025-69134 HIGH This Week

Arbitrary content deletion in the Merkulove 'OpenAI Chatbot for WordPress - Helper' plugin (versions 1.1.4 and earlier) lets remote unauthenticated attackers destroy site content by invoking a plugin action that lacks an authorization check. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N, A:H) confirms network-reachable, no-privilege, no-interaction exploitation with high availability impact and no confidentiality or integrity compromise. No public exploit identified at time of analysis, and it is not listed in CISA KEV.

Authentication Bypass WordPress Openai Chatbot For Wordpress Helper
NVD
CVSS 3.1
7.5
EPSS
0.3%
EPSS 0% CVSS 7.5
HIGH This Week

Arbitrary content deletion in the Merkulove 'OpenAI Chatbot for WordPress - Helper' plugin (versions 1.1.4 and earlier) lets remote unauthenticated attackers destroy site content by invoking a plugin action that lacks an authorization check. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N, A:H) confirms network-reachable, no-privilege, no-interaction exploitation with high availability impact and no confidentiality or integrity compromise. No public exploit identified at time of analysis, and it is not listed in CISA KEV.

Authentication Bypass WordPress Openai Chatbot For Wordpress Helper
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy