PT-2023-32235 · Undefined · Undefined
Published
2023-10-20
·
Updated
2024-01-23
·
CVE-2023-5646
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
‼ CVE-2023-5646 ‼
The AI ChatBot for WordPress is vulnerable to Directory Traversal in version 4.9.2 via the qcld openai upload pagetraining file function. This allows subscriber-level attackers to append "<?php" to any existing file on the server resulting in potential DoS when appended to critical files such as wp-config.php. This vulnerability is the same as CVE-2023-5241, but was reintroduced in version 4.9.2.
📖 Read
via "National Vulnerability Database".
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Undefined