CVE-2023-5241
published 2023-10-19CVE-2023-5241: The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the…
PriorityP349high8.1CVSS 3.1
AVNACLPRLUINSUCNIHAH
EPSS
2.07%
79.0th percentile
The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcld_openai_upload_pagetraining_file function. This allows subscriber-level attackers to append "<?php" to any existing file on the server resulting in potential DoS when appended to critical files such as wp-config.php.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| quantumcloud | wpbot | < 4.9.1 | 4.9.1 |
| quantumcloud | wpbot | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jcj9-xfvr-vjm3: The AI ChatBot for WordPress is vulnerable to Directory Traversal in version 4
ghsa_unreviewed·2023-10-20·CVSS 9.6
CVE-2023-5646 [CRITICAL] CWE-22 GHSA-jcj9-xfvr-vjm3: The AI ChatBot for WordPress is vulnerable to Directory Traversal in version 4
The AI ChatBot for WordPress is vulnerable to Directory Traversal in version 4.9.2 via the qcld_openai_upload_pagetraining_file function. This allows subscriber-level attackers to append "<?php" to any existing file on the server resulting in potential DoS when appended to critical files such as wp-config.php. This vulnerability is the same as CVE-2023-5241, but was reintroduced in version 4.9.2.
GHSA
GHSA-v28w-vh2w-263g: The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4
ghsa_unreviewed·2023-10-19
CVE-2023-5241 [HIGH] CWE-22 GHSA-v28w-vh2w-263g: The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4
The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 via the qcld_openai_upload_pagetraining_file function. This allows subscriber-level attackers to append "<?php" to any existing file on the server resulting in potential DoS when appended to critical files such as wp-config.php.
Suricata
ET SCADA Rockwell RNA Message Large Header Length - 8Kb
suricata·2011-09-30
ET SCADA Rockwell RNA Message Large Header Length - 8Kb
ET SCADA Rockwell RNA Message Large Header Length - 8Kb
Rule: alert tcp any !443 -> $HOME_NET [1330,1331,1332,4241,4242,4445,4446,5241,6543,9111,60093,49281] (msg:"ET SCADA Rockwell RNA Message Large Header Length - 8Kb"; flow:established,to_server; content:"rna|f2|"; startswith; fast_pattern; byte_test:4,>,0x2000,0,relative,little; classtype:attempted-dos; sid:2049795; rev:5; metadata:attack_target ICS, created_at 2011_09_30, cve CVE_2011_3489, deployment Internal, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_12_27, reviewed_at 2024_03_06, former_sid 2803783; target:dest_ip;)
No public exploits indexed.
No writeups or analysis indexed.
https://plugins.trac.wordpress.org/browser/chatbot/trunk/includes/openai/qcld-bot-openai.php#L376https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2977505%40chatbot%2Ftrunk&old=2967435%40chatbot%2Ftrunk&sfp_email=&sfph_mail=https://www.wordfence.com/threat-intel/vulnerabilities/id/25199281-5286-4d75-8d27-26ce215e0993?source=cvehttp://packetstormsecurity.com/files/175371/WordPress-AI-ChatBot-4.8.9-SQL-Injection-Traversal-File-Deletion.htmlhttps://plugins.trac.wordpress.org/browser/chatbot/trunk/includes/openai/qcld-bot-openai.php#L376https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2977505%40chatbot%2Ftrunk&old=2967435%40chatbot%2Ftrunk&sfp_email=&sfph_mail=https://www.wordfence.com/threat-intel/vulnerabilities/id/25199281-5286-4d75-8d27-26ce215e0993?source=cve
2023-10-19
Published