ChatBot
QuantumCloud
Developer
7.9.5
Latest version
6,000
Installations
No date
Last updated
Vulnerability history
0 present
32 patched
11 Mitigation rules
- SQL Injection vulnerability<= 7.7.920/03/2026
- Missing Authorization via openai_file_delete_callback vulnerability<= 5.3.403/02/2026
- Missing Authorization via openai_file_list_callback vulnerability<= 5.3.403/02/2026
- Broken Access Control vulnerability<= 7.7.313/10/2025
- Broken Access Control vulnerability<= 7.3.912/10/2025
- Admin+ Stored XSS vulnerability< 7.1.009/09/2025
- Broken Access Control Vulnerability<= 6.7.327/06/2025
- Admin+ Stored XSS vulnerability< 6.2.419/05/2025
- Local File Inclusion vulnerability<= 6.3.523/02/2025
- Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability<= 5.5.717/07/2024
- Missing Authorization via multiple functions vulnerability<= 5.3.422/05/2024
- Unauthenticated PHP Object Injection vulnerability<= 5.4.519/01/2024
- SQL Injection vulnerability<= 4.7.823/11/2023
- Wordpress ChatBot plugin 4.8.6 - 4.9.6 - Authenticated (Administrator+) Stored Cross-Site Scripting in FAQ Builder vulnerability4.8.6-4.9.602/11/2023
- Unauthenticated SQL Injection via qc_wpbo_search_response vulnerability<= 4.8.912/10/2023
- Authenticated (Subscriber+) Arbitrary File Deletion via qcld_openai_delete_training_file vulnerability<= 4.8.912/10/2023
- Authenticated (Subscriber+) Directory Traversal to Arbitrary File Write via qcld_openai_upload_pagetraining_file vulnerability<= 4.8.912/10/2023
- Cross-Site Request Forgery on AJAX actions vulnerability<= 4.8.912/10/2023
- Missing Authorization on AJAX actions vulnerability<= 4.8.912/10/2023
- Unauthenticated Sensitive Information Exposure via qcld_wb_chatbot_check_user vulnerability<= 4.8.912/10/2023
- Cross Site Request Forgery (CSRF) vulnerability<= 4.7.802/10/2023
- Admin+ Stored XSS in Language Settings vulnerability< 4.7.810/08/2023
- Admin+ Stored XSS in FAQ Builder vulnerability< 4.7.810/08/2023
- Admin+ Stored Cross-Site Scripting vulnerability< 4.5.519/06/2023
- Admin+ Stored Cross-Site Scripting vulnerability< 4.5.619/06/2023
- Auth. OpenAI Settings Update to Stored XSS vulnerability<= 4.4.820/04/2023
- Unauthenticated Stored XSS vulnerability<= 4.4.820/04/2023
- Unauth. PHP Object Injection vulnerability<= 4.4.620/04/2023
- Stored XSS via CSRF vulnerability<= 4.4.420/04/2023
- Missing Authorization on openai_settings_option_callback vulnerability<= 4.4.730/03/2023
- Multiple Cross Site Scripting (XSS)<= 4.3.027/01/2023
- Cross Site Request Forgery (CSRF)<= 4.2.827/01/2023