PT-2023-22679 · WordPress · Autochat Automatic Conversation
Rafael B · Published 2023-07-17 · Updated 2023-07-26 · CVE-2023-3041
CVSS v3.1: 6.1 Medium
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Autochat Automatic Conversation WordPress plugin versions 1.1.7 and earlier
Description
The plugin does not sanitize or escape user input before outputting it back on the page, which allows cross-site scripting (XSS) attacks.
Recommendations
For Autochat Automatic Conversation WordPress plugin versions 1.1.7 and earlier, update to a version that properly sanitizes and escapes user input to prevent cross-site scripting attacks.
Affected Products
Autochat Automatic Conversation