Medium severity5.3NVD Advisory· Published Oct 20, 2023· Updated Apr 8, 2026
CVE-2023-5533
CVE-2023-5533
Description
The AI ChatBot plugin for WordPress is vulnerable to unauthorized use of AJAX actions due to missing capability checks on the corresponding functions in versions up to, and including, 4.8.9 as well as 4.9.2. This makes it possible for unauthenticated attackers to perform some of those actions that were intended for higher privileged users.
Affected products
3cpe:2.3:a:quantumcloud:wpbot:4.9.2:*:*:*:*:wordpress:*:*+ 1 more
- cpe:2.3:a:quantumcloud:wpbot:4.9.2:*:*:*:*:wordpress:*:*
- cpe:2.3:a:quantumcloud:wpbot:*:*:*:*:*:wordpress:*:*range: <=4.8.9
- Range: <=4.8.9, <=4.9.2
Patches
Vulnerability mechanics
References
2- plugins.trac.wordpress.org/changesetnvdPatch
- www.wordfence.com/threat-intel/vulnerabilities/id/a9db002f-ff41-493a-87b1-5f0b4b07cfc2nvdProductThird Party Advisory
News mentions
0No linked articles in our index yet.