Количество 2
Количество 2
CVE-2023-5241
The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcld_openai_upload_pagetraining_file function. This allows subscriber-level attackers to append "<?php" to any existing file on the server resulting in potential DoS when appended to critical files such as wp-config.php.
GHSA-v28w-vh2w-263g
The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 via the qcld_openai_upload_pagetraining_file function. This allows subscriber-level attackers to append "<?php" to any existing file on the server resulting in potential DoS when appended to critical files such as wp-config.php.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-5241 The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcld_openai_upload_pagetraining_file function. This allows subscriber-level attackers to append "<?php" to any existing file on the server resulting in potential DoS when appended to critical files such as wp-config.php. | CVSS3: 9.6 | 2% Низкий | больше 2 лет назад |
| GHSA-v28w-vh2w-263g The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 via the qcld_openai_upload_pagetraining_file function. This allows subscriber-level attackers to append "<?php" to any existing file on the server resulting in potential DoS when appended to critical files such as wp-config.php. | CVSS3: 9.6 | 2% Низкий | больше 2 лет назад |
Уязвимостей на страницу