Untriaged
Permalink
CVE-2024-22309
8.7 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): CHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): NONE
WordPress ChatBot Plugin <= 5.1.0 is vulnerable to PHP Object Injection
Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBot with AI.This issue affects ChatBot with AI: from n/a through 5.1.0.
References
- https://patchstack.com/database/vulnerability/chatbot/wordpress-ai-chatbot-plug… vdb-entry
- https://patchstack.com/database/vulnerability/chatbot/wordpress-ai-chatbot-plug… vdb-entry
- https://patchstack.com/database/vulnerability/chatbot/wordpress-ai-chatbot-plug… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/chatbot/wordpress-ai-chatbot-plug… vdb-entry
- https://patchstack.com/database/vulnerability/chatbot/wordpress-ai-chatbot-plug… vdb-entry x_transferred
Affected products
chatbot
- =<5.1.0
Matching in nixpkgs
pkgs.gnomeExtensions.penguin-ai-chatbot
A GNOME Shell extension that provides a chatbot interface using various LLM providers, including Anthropic, OpenAI, Gemini, and OpenRouter. Features include multiple provider support, customizable models, chat history, customizable appearance, a keyboard shortcut, and copy-to-clipboard functionality.
-
nixos-unstable -
- nixpkgs-unstable 22
Package maintainers
-
@honnip Jung seungwoo <me@honnip.page>