Wpbot Ai Chatbot For Live Support Lead Generation Ai Services
Monthly
Authorization bypass in the WPBot AI ChatBot plugin for WordPress (all versions ≤ 8.5.6) permits any subscriber-level authenticated user to invoke the plugin's RAG document re-embedding functionality without authorization, directly modifying the rag_documents database table and triggering calls to the site owner's paid AI APIs (OpenAI, Gemini, OpenRouter, or xAI). The root cause is a missing capability check in class-qcld-bot-rag.php, confirmed by Wordfence and traceable to specific code paths in qcld-wpwbot.php. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, and the CVSS 4.3 Medium score reflects constrained direct security impact - though financial harm from API credit exhaustion represents the primary real-world risk.
Unauthorized deletion of chat session records in the WPBot WordPress plugin affects all versions through 8.5.6, allowing unauthenticated remote attackers to wipe arbitrary conversation history and user records by supplying a crafted userid parameter to unprotected endpoints. The root cause is a missing authorization check (CWE-862) in the chat sessions module, confirmed by Wordfence with source-level references to the vulnerable code in wpbot-chat-sessions.php. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, and the CVSS-assigned score of 5.3 Medium reflects the limited scope: data deletion with no confidentiality or availability impact on the service itself.
Stored cross-site scripting in the WPBot AI ChatBot for WordPress (all versions through 8.4.9) lets unauthenticated attackers persist arbitrary JavaScript through the 'conversation' parameter, which later executes when the injected page is viewed - most notably by an administrator opening the chat-session reports in wp-admin. Because the AJAX nonce that guards the save endpoint is publicly emitted on every frontend page via wp_localize_script, any anonymous visitor can obtain it, so there is effectively no barrier to injection. No public exploit identified at time of analysis, and the flaw is not listed in CISA KEV; risk stems from ease of exploitation rather than confirmed in-the-wild abuse.
Authorization bypass in the WPBot AI ChatBot plugin for WordPress (all versions ≤ 8.5.6) permits any subscriber-level authenticated user to invoke the plugin's RAG document re-embedding functionality without authorization, directly modifying the rag_documents database table and triggering calls to the site owner's paid AI APIs (OpenAI, Gemini, OpenRouter, or xAI). The root cause is a missing capability check in class-qcld-bot-rag.php, confirmed by Wordfence and traceable to specific code paths in qcld-wpwbot.php. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, and the CVSS 4.3 Medium score reflects constrained direct security impact - though financial harm from API credit exhaustion represents the primary real-world risk.
Unauthorized deletion of chat session records in the WPBot WordPress plugin affects all versions through 8.5.6, allowing unauthenticated remote attackers to wipe arbitrary conversation history and user records by supplying a crafted userid parameter to unprotected endpoints. The root cause is a missing authorization check (CWE-862) in the chat sessions module, confirmed by Wordfence with source-level references to the vulnerable code in wpbot-chat-sessions.php. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, and the CVSS-assigned score of 5.3 Medium reflects the limited scope: data deletion with no confidentiality or availability impact on the service itself.
Stored cross-site scripting in the WPBot AI ChatBot for WordPress (all versions through 8.4.9) lets unauthenticated attackers persist arbitrary JavaScript through the 'conversation' parameter, which later executes when the injected page is viewed - most notably by an administrator opening the chat-session reports in wp-admin. Because the AJAX nonce that guards the save endpoint is publicly emitted on every frontend page via wp_localize_script, any anonymous visitor can obtain it, so there is effectively no barrier to injection. No public exploit identified at time of analysis, and the flaw is not listed in CISA KEV; risk stems from ease of exploitation rather than confirmed in-the-wild abuse.