ChatGPT WordPress plugin – Cross-Site Scripting vulnerability [CVE-2024-6843]

August 20, 2024 Kerry Dean 462 Views 0 Comments ChatGPT, CVE-2024-6843, WordPress Plugin Vulnerability, XSS 0 min read

CVE number = CVE-2024-6843

The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not sanitise and escape user inputs, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks against admins.

The plugin must have an active OpenAI API key to exploit this.

Further details – https://wpscan.com/vulnerability/9a5cb440-065a-445a-9a09-55bd5f782e85/

Kerry Dean

Kerry is a Content Creator at www.systemtek.co.uk she has spent many years working in IT support, her main interests are computing, networking and AI.

ChatGPT WordPress plugin – Cross-Site Scripting vulnerability [CVE-2024-6843]

Like this:

Related Posts

Kerry Dean

Leave a ReplyCancel reply

Share this:

Like this:

Related Posts

Kerry Dean

Leave a ReplyCancel reply