cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-0447,https://securityvulnerability.io/vulnerability/CVE-2024-0447,Unauthorized Data Modification in ArtiBot Free Chat Bot for WordPress,"The ArtiBot Free Chat Bot for WordPress is susceptible to unauthorized data modification due to a missing capability check in the artibot_update function. This vulnerability affects all versions up to and including 1.1.6, allowing authenticated attackers with subscriber-level access or higher to modify plugin settings without proper permissions. It is crucial for site administrators to update the plugin and review user permissions to mitigate potential exploitation risks.",Wordpress,Artibot Free Chat Bot For WordPress Websites,5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-03-13T15:27:02.296Z,0
CVE-2024-0449,https://securityvulnerability.io/vulnerability/CVE-2024-0449,Stored Cross-Site Scripting Vulnerability in ArtiBot Free Chat Bot Plugin for WordPress,"The ArtiBot Free Chat Bot for WordPress plugin contains a vulnerability that allows authenticated users with administrator-level permissions to conduct stored cross-site scripting attacks. Due to inadequate input sanitization and output escaping within the admin settings, these users can inject malicious scripts into pages. Consequently, these scripts execute whenever a user visits an affected page. This issue primarily affects multi-site installations and those configurations where unfiltered_html is disabled, exposing users to potential data theft and compromised session integrity.",Wordpress,Artibot Free Chat Bot For WordPress Websites,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-03-13T15:26:45.801Z,0