Every CVE whose affected-product data names Quantumcloud Wpbot, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (27)
CVE-2023-1650 — CVSS 9.8 (critical): The AI ChatBot WordPress plugin before 4.4.7 unserializes user input from cookies via an AJAX action available to unauthenticated users…
CVE-2023-5204 — CVSS 9.8 (critical): The ChatBot plugin for WordPress is vulnerable to SQL Injection via the $strid parameter in versions up to, and including, 4.8.9 due to…
CVE-2023-5241 — CVSS 9.6 (critical): The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the…
CVE-2023-5212 — CVSS 9.6 (critical): The AI ChatBot plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 4.8.9 as well as version…
CVE-2024-22309 — CVSS 8.7 (high): Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBot with AI.This issue affects ChatBot with AI: from n/a through 5.1.0.
CVE-2023-48741 — CVSS 7.6 (high): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in QuantumCloud AI ChatBot.This issue…
CVE-2023-1660 — CVSS 6.1 (medium): The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in a function hooked to init, allowing unauthenticated…
CVE-2023-1011 — CVSS 6.1 (medium): The AI ChatBot WordPress plugin before 4.4.5 does not escape most of its settings before outputting them back in the dashboard, and does…
CVE-2022-47613 — CVSS 5.9 (medium): Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in QuantumCloud AI ChatBot plugin <= 4.3.0 versions.
CVE-2024-6669 — CVSS 5.5 (medium): The AI ChatBot for WordPress – WPBot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions…
CVE-2023-1651 — CVSS 5.4 (medium): The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in the AJAX action responsible to update the OpenAI…
CVE-2023-5254 — CVSS 5.3 (medium): The ChatBot plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.8.9 via the…
CVE-2023-5533 — CVSS 5.3 (medium): The AI ChatBot plugin for WordPress is vulnerable to unauthorized use of AJAX actions due to missing capability checks on the corresponding…
CVE-2024-0453 — CVSS 5.0 (medium): The AI ChatBot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the…
CVE-2024-0451 — CVSS 5.0 (medium): The AI ChatBot plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the…
CVE-2024-0452 — CVSS 5.0 (medium): The AI ChatBot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the…
CVE-2025-0329 — CVSS 4.8 (medium): The AI ChatBot for WordPress WordPress plugin before 6.2.4 does not sanitise and escape some of its settings, which could allow high…
CVE-2023-1649 — CVSS 4.8 (medium): The AI ChatBot WordPress plugin before 4.5.1 does not sanitise and escape numerous of its settings, which could allow high privilege users…
CVE-2023-4253 — CVSS 4.8 (medium): The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such…
CVE-2023-3175 — CVSS 4.8 (medium): The AI ChatBot WordPress plugin before 4.6.1 does not adequately escape some settings, allowing high-privilege users such as admin to…
CVE-2023-2742 — CVSS 4.8 (medium): The AI ChatBot WordPress plugin before 4.5.5 does not sanitize and escape its settings, allowing high-privilege users such as admin to…
CVE-2023-4254 — CVSS 4.8 (medium): The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such…
CVE-2023-2811 — CVSS 4.8 (medium): The AI ChatBot WordPress plugin before 4.5.6 does not sanitise and escape numerous of its settings, which could allow high privilege users…
CVE-2023-5606 — CVSS 4.4 (medium): The ChatBot for WordPress is vulnerable to Stored Cross-Site Scripting via the FAQ Builder in versions 4.8.6 through 4.9.6 due to…
CVE-2023-5534 — CVSS 4.3 (medium): The AI ChatBot plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.8.9 and 4.9.2. This is…
CVE-2023-44993 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud AI ChatBot plugin <= 4.7.8 versions.
CVE-2025-9111 — CVSS 3.5 (low): The AI ChatBot for WordPress WordPress plugin before 7.1.0 does not sanitise and escape some of its settings, which could allow high…