Cross-Site Request Forgery Vulnerability in AI ChatBot Plugin for WordPress
CVE-2023-5534
5.4MEDIUM
What is CVE-2023-5534?
The AI ChatBot plugin for WordPress is susceptible to Cross-Site Request Forgery due to improper nonce validation in versions 4.8.9 and 4.9.2. This vulnerability allows unauthenticated attackers to execute malicious requests by tricking a site administrator into clicking a crafted link, potentially compromising site integrity. It is essential for users to update to the latest version to mitigate this security risk.
Affected Version(s)
AI ChatBot * <= 4.8.9
AI ChatBot 4.9.2