ChatBot < 4.4.5 - Stored XSS via CSRF
Description
The AI ChatBot WordPress plugin before 4.4.5 does not escape most of its settings before outputting them back in the dashboard, and does not have a proper CSRF check, allowing attackers to make a logged-in admin set XSS payloads in them.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
The AI ChatBot plugin for WordPress below 4.4.5 is exposed to stored XSS via CSRF because its settings are neither protected by a CSRF check when written nor escaped when rendered back in the dashboard.
Vulnerability
The AI ChatBot WordPress plugin version 4.4.4 and earlier does not escape most of its settings before outputting them in the admin dashboard and lacks a proper CSRF check [1]. This allows attackers to craft a request that, when executed by a logged-in administrator, sets XSS payloads in the plugin settings [1]. The CSRF issue was fixed in version 4.4.5, but the escaping issue was only fully resolved in version 4.5.1 [1].
Exploitation
An attacker can craft a malicious link or form that, when visited by an authenticated administrator, submits a forged settings-update request to the site (cross-site request forgery, CSRF) [1]. The attacker does not need an account themselves; they only need to get an admin user to load the crafted page while logged in [1], since the victim's browser attaches the WordPress authentication cookies to the forged request automatically and the plugin performs no nonce check that would tie the request to a page the admin actually opened. The forged request writes unsanitized JavaScript into the plugin settings [1]. No special network position is required beyond delivering the CSRF trigger to the admin.
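The bug class described above, shown as an added PHP illustration that is not the AI ChatBot plugin's own code: a settings handler with no nonce check and an unescaped echo of the stored value, next to the hardened shape using standard WordPress APIs. The option name `chatbot_demo_welcome`, the nonce action `chatbot_demo_save_settings`, the `chatbot_demo_*` function names and the menu slug are all assumptions made for the example.

```php
<?php
/**
 * Hypothetical WordPress settings handler written to illustrate "stored XSS via
 * CSRF" (this is NOT the AI ChatBot plugin's code). Option, nonce and function
 * names are assumptions. Drop into wp-content/mu-plugins/ of a lab site.
 */

/* ---- Vulnerable shape: no nonce check on write, value echoed back unescaped ---- */

// Defined for comparison only; not hooked below.
function chatbot_demo_vuln_save() {
    if ( ! isset( $_POST['chatbot_demo_save'] ) ) {
        return;
    }
    // No check_admin_referer()/wp_verify_nonce(): any page the admin's browser
    // loads can POST here, and the browser attaches the auth cookies by itself.
    update_option( 'chatbot_demo_welcome', wp_unslash( $_POST['chatbot_demo_welcome'] ) );
}

function chatbot_demo_vuln_render() {
    $welcome = get_option( 'chatbot_demo_welcome', '' );
    // Raw option value inside an attribute: a stored "><script>..</script>
    // value closes the attribute and runs for every admin who opens this page.
    echo '<form method="post">';
    echo '<input type="text" name="chatbot_demo_welcome" value="' . $welcome . '">';
    echo '<input type="submit" name="chatbot_demo_save" value="Save">';
    echo '</form>';
}

/* ---- Hardened shape: capability + nonce on write, escaping on read ---- */

function chatbot_demo_safe_save() {
    if ( ! isset( $_POST['chatbot_demo_save'] ) ) {
        return;
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions', '', array( 'response' => 403 ) );
    }
    // Dies unless the request carries a nonce bound to this action and this user.
    // A cross-origin form cannot obtain that nonce, which is the CSRF fix.
    check_admin_referer( 'chatbot_demo_save_settings', 'chatbot_demo_nonce' );

    $value = isset( $_POST['chatbot_demo_welcome'] )
        ? sanitize_text_field( wp_unslash( $_POST['chatbot_demo_welcome'] ) )
        : '';
    update_option( 'chatbot_demo_welcome', $value );
}

function chatbot_demo_safe_render() {
    $welcome = get_option( 'chatbot_demo_welcome', '' );
    echo '<form method="post">';
    // Emits the hidden nonce field that check_admin_referer() above verifies.
    wp_nonce_field( 'chatbot_demo_save_settings', 'chatbot_demo_nonce' );
    // esc_attr() on output: even if a hostile value reached the database some
    // other way, it renders as text rather than markup (the escaping fix).
    echo '<input type="text" name="chatbot_demo_welcome" value="' . esc_attr( $welcome ) . '">';
    echo '<input type="submit" name="chatbot_demo_save" value="Save">';
    echo '</form>';
}

add_action( 'admin_init', 'chatbot_demo_safe_save' );
add_action( 'admin_menu', function () {
    add_options_page( 'ChatBot demo', 'ChatBot demo', 'manage_options',
        'chatbot-demo', 'chatbot_demo_safe_render' );
} );
```

Swapping the two `add_action` targets for the `_vuln_` functions reproduces the bug class in a lab. The two controls are independent: the nonce stops an outsider from writing a payload through the admin's browser, and `esc_attr()` stops a stored value from executing regardless of how it got there, which is why both a CSRF fix and an escaping fix are needed rather than either alone.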
Impact
Successful exploitation leads to stored cross-site scripting (XSS) within the WordPress admin dashboard [1]: the payload persists in the plugin settings and executes for every administrator who views the affected page, not only the victim of the original forged request. The attacker's JavaScript runs in the context of the admin's session and can drive further admin actions with that session and the nonces present on the page, potentially leading to full site compromise, data theft, creation of new privileged accounts, or further malicious actions [1].
Mitigation
Update the AI ChatBot plugin to version 4.5.1 or later, which includes fixes for both the CSRF and the escaping issues [1]. If an immediate update is not possible, keep the set of administrator accounts small, have admins avoid untrusted links while logged into WordPress, and consider deactivating the plugin until it can be updated; generic security plugins or WAF rules may block obvious payloads but cannot supply the nonce check the plugin itself is missing. This vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog as of this writing.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <4.4.5
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1. wpscan.com/vulnerability/d1784446-b3da-4175-9dac-20b030f19984 (tags: mitre, exploit, vdb-entry, technical-description)
News mentions
No linked articles in our index yet.