Home/Product/quantumcloud wpbot
Product

quantumcloud wpbot

28 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-9111
< 7.1.0
The AI ChatBot for WordPress plugin before 7.1.0 does not sanitise and escape some of its settings, which could allow h
3.5LOW
 CVE-2025-0329
< 6.2.4
The AI ChatBot for WordPress plugin before 6.2.4 does not sanitise and escape some of its settings, which could allow h
4.8MEDIUM
 CVE-2024-13091
< 13.5.6
The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation i
9.8CRITICAL
 CVE-2024-6669
< 5.5.8
The AI ChatBot for WordPress - WPBot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all v
5.5MEDIUM
 CVE-2024-0453
< 5.3.6
The AI ChatBot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the op
5.0MEDIUM
 CVE-2024-0452
< 5.3.6
The AI ChatBot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the op
5.0MEDIUM
 CVE-2024-0451
< 5.3.6
The AI ChatBot plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the openai_f
5.0MEDIUM
 CVE-2024-22309
< 5.1.1
Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBot with AI.This issue affects ChatBot with AI: from n/a throu
8.7HIGH
 CVE-2023-48741
<= 4.7.8
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in QuantumCloud AI ChatBot.This
7.6HIGH
 CVE-2023-5606
>= 4.8.6 and < 4.9.7
The ChatBot for WordPress is vulnerable to Stored Cross-Site Scripting via the FAQ Builder in versions 4.8.6 through 4.9.6 due to
4.4MEDIUM
 CVE-2023-5534
<= 4.8.9
The AI ChatBot plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.8.9 and 4.9.2.
4.3MEDIUM
 CVE-2023-5533
<= 4.8.9
The AI ChatBot plugin for WordPress is vulnerable to unauthorized use of AJAX actions due to missing capability checks on the corr
5.3MEDIUM
 CVE-2023-5254
< 4.9.1
The ChatBot plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.8.9 via the q
5.3MEDIUM
 CVE-2023-5241
< 4.9.1
The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the
9.6CRITICAL
 CVE-2023-5212
< 4.9.1
The AI ChatBot plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 4.8.9 as well as ve
9.6CRITICAL
 CVE-2023-5204
< 4.9.1
The ChatBot plugin for WordPress is vulnerable to SQL Injection via the $strid parameter in versions up to, and including, 4.8.9 d
9.8CRITICAL
 CVE-2023-44993
<= 4.7.8
Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud AI ChatBot plugin <= 4.7.8 versions.
4.3MEDIUM
 CVE-2023-4254
< 4.7.8
The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege u
4.8MEDIUM
 CVE-2023-4253
< 4.7.8
The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege u
4.8MEDIUM
 CVE-2023-3175
< 4.6.1
The AI ChatBot WordPress plugin before 4.6.1 does not adequately escape some settings, allowing high-privilege users such as admin
4.8MEDIUM
 CVE-2023-2811
< 4.5.6
The AI ChatBot WordPress plugin before 4.5.6 does not sanitise and escape numerous of its settings, which could allow high privile
4.8MEDIUM
 CVE-2023-2742
< 4.5.5
The AI ChatBot WordPress plugin before 4.5.5 does not sanitize and escape its settings, allowing high-privilege users such as admi
4.8MEDIUM
 CVE-2023-1660
< 4.4.9
The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in a function hooked to init, allowing unauthent
6.1MEDIUM
 CVE-2023-1651
< 4.4.9
The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in the AJAX action responsible to update the Ope
5.4MEDIUM
 CVE-2023-1650
< 4.4.7
The AI ChatBot WordPress plugin before 4.4.7 unserializes user input from cookies via an AJAX action available to unauthenticated
9.8CRITICAL
 CVE-2023-1649
< 4.5.1
The AI ChatBot WordPress plugin before 4.5.1 does not sanitise and escape numerous of its settings, which could allow high privile
4.8MEDIUM
 CVE-2023-1011
< 4.4.5
The AI ChatBot WordPress plugin before 4.4.5 does not escape most of its settings before outputting them back in the dashboard, an
6.1MEDIUM
 CVE-2022-47613
<= 4.3.0
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in QuantumCloud AI ChatBot plugin <= 4.3.0 versions.
5.9MEDIUM
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh