Kognetiks Chatbot for WordPress <= 2.1.7 - Missing Authorization to Authenticated (Subscriber+) Assistant Deletion
Description
The Kognetiks Chatbot plugin for WordPress lacks capability checks on delete_assistant(), allowing subscriber-level users to delete GPT assistants.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The Kognetiks Chatbot for WordPress plugin (plugin slug: chatbot-chatgpt) is vulnerable to unauthorized deletion of GPT assistants due to a missing capability check on the delete_assistant() function. This affects all versions up to and including 2.1.7 [1]. The function is callable by authenticated users but does not verify that the user has the required administrative privileges, making the deletion functionality accessible to any authenticated user.
Exploitation
An attacker must be authenticated to the WordPress site with at least subscriber-level access. The attacker can then directly invoke the vulnerable delete_assistant() function, likely via an AJAX action or direct function call, without needing any additional permissions or user interaction. The attack vector is network-based and requires no special configuration beyond having a valid account on the site [1].
Impact
Successful exploitation allows an authenticated attacker to delete GPT assistants created by the plugin. This results in unauthorized modification of data, disrupting the chatbot's functionality and potentially removing AI assistant configurations that are in use on the site. The attacker does not gain elevated privileges or access to sensitive data beyond the ability to delete assistants [1].
Mitigation
The vendor has released version 2.1.8 to address this vulnerability. Users should update to version 2.1.8 or later. As of the publication date (2024-11-13), no workarounds are documented, but applying the plugin update is the recommended mitigation [1].
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
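The mechanics above (a destructive handler reachable by any logged-in user, with no capability check) are the general pattern behind this class of WordPress "missing authorization" bugs. The following is an added illustration, not the plugin's own code: a hypothetical AJAX handler in its vulnerable form beside the hardened form the 2.1.8-style fix would be expected to take. Function names, the `chatbot_delete_assistant` action/nonce name and the `delete_option()`-based storage are all assumptions made for the example.

```php
<?php
// Added example, not code from the Kognetiks Chatbot plugin. All names below
// (chatbot_delete_assistant_*, the 'chatbot_delete_assistant' action and nonce,
// the option-based storage) are hypothetical.

// Vulnerable pattern: any authenticated user can trigger a wp_ajax_* hook, and
// the handler performs the destructive action without checking who is asking.
function chatbot_delete_assistant_unsafe() {
    $assistant_id = isset( $_POST['assistant_id'] )
        ? sanitize_text_field( wp_unslash( $_POST['assistant_id'] ) )
        : '';
    delete_option( 'chatbot_assistant_' . $assistant_id ); // hypothetical storage
    wp_send_json_success();
}

// Hardened pattern: verify intent (nonce) and authorization (capability)
// before touching any data.
function chatbot_delete_assistant_safe() {
    // CSRF protection: terminates the request with 403 on a bad or missing nonce.
    check_ajax_referer( 'chatbot_delete_assistant', 'nonce' );

    // Authorization: only administrators may delete assistants.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    $assistant_id = isset( $_POST['assistant_id'] )
        ? sanitize_text_field( wp_unslash( $_POST['assistant_id'] ) )
        : '';
    if ( '' === $assistant_id ) {
        wp_send_json_error( array( 'message' => 'Missing assistant id.' ), 400 );
    }

    delete_option( 'chatbot_assistant_' . $assistant_id ); // hypothetical storage
    wp_send_json_success( array( 'deleted' => $assistant_id ) );
}

// Register for logged-in users only (wp_ajax_); deliberately no wp_ajax_nopriv_
// variant, which would expose the handler to unauthenticated requests as well.
add_action( 'wp_ajax_chatbot_delete_assistant', 'chatbot_delete_assistant_safe' );
```

The admin page that offers the delete button would emit the matching token with `wp_create_nonce( 'chatbot_delete_assistant' )` and send it as the `nonce` field. The capability check is the part this CVE is about: a nonce alone only proves the request came from a page the user loaded, so a subscriber with a valid nonce would still pass without `current_user_can()`. When reviewing plugin code for this bug class, look for every `wp_ajax_*`, `admin_post_*` and REST route callback that changes state and confirm both checks are present before the first write.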
Affected products
- Range: <=2.1.7
- Range: 0
Patches
- r3183413
References
- plugins.trac.wordpress.org/browser/chatbot-chatgpt/trunk/includes/utilities/chatbot-assistants.php
- plugins.trac.wordpress.org/changeset/3183413/chatbot-chatgpt/trunk/includes/utilities/chatbot-assistants.php
- www.wordfence.com/threat-intel/vulnerabilities/id/f6b302c9-a6b9-4a91-acb5-2ad270817606