Lucene search
PatchstackCVELIST:CVE-2024-22309HistoryJan 24, 2024 - 11:42 a.m.
CVE-2024-22309 WordPress ChatBot Plugin <= 5.1.0 is vulnerable to PHP Object Injection
2024-01-2411:42:42
CWE-502
Patchstack
www.cve.org
3
wordpress
chatbot
plugin
vulnerability
object injection
deserialization
quantumcloud
ai
CVSS3
8.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
AI Score
9.7
Confidence
High
EPSS
0.001
Percentile
31.1%
Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBot with AI.This issue affects ChatBot with AI: from n/a through 5.1.0.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "chatbot",
"product": "ChatBot with AI",
"vendor": "QuantumCloud",
"versions": [
{
"changes": [
{
"at": "5.1.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.1.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Deserialization of untrusted data
2024-01-24 12:15:00
nvd
nvd
CVE-2024-22309
2024-01-24 12:15:58
cve
cve
CVE-2024-22309
2024-01-24 12:15:58
wpvulndb
wpvulndb
ChatBot < 5.1.1 - Unauthenticated PHP Object Injection
2024-01-24 00:00:00
wordfence
wordfence
CVSS3
8.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
AI Score
9.7
Confidence
High
EPSS
0.001
Percentile
31.1%
Related for CVELIST:CVE-2024-22309