Unrestricted Upload of File with Dangerous Type Vulnerability Affects Kognetiks Chatbot for WordPress
CVE-2024-32700
10 CRITICAL
Key Information:
- Vendor: WordPress
- CVE Published: 14 May 2024
Summary
The Kognetiks Chatbot for WordPress is susceptible to an unrestricted file upload vulnerability that allows attackers to upload files with dangerous types. This flaw can lead to various security risks, including unauthorized access and code execution on the server. Affected versions prior to 2.0.0 are particularly vulnerable, so immediate action is needed to mitigate the risk. Website administrators are urged to assess their installations and apply the necessary patches to protect against potential exploitation.
Affected Version(s)
Kognetiks Chatbot for WordPress <= 2.0.0
CVSS V3.1
Score: 10
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
LVT-tholv2k (Patchstack Alliance)