VYPR

Autochat Automatic Conversation

by WordPress

CVEs (2)

  • CVE-2023-3041MedJul 17, 2023
    risk 0.40cvss 6.1epss 0.00

    The Autochat Automatic Conversation WordPress plugin through 1.1.7 does not sanitise and escape user input before outputting it back on the page, leading to a cross-site Scripting attack.

  • CVE-2025-12043MedNov 25, 2025
    risk 0.34cvss 5.3epss 0.00

    The Autochat Automatic Conversation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_nopriv_auycht_saveCid' AJAX endpoint in all versions up to, and including, 1.1.9. This makes it possible for…