CVE-2024-6846

medium

Description

The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not validate access on some REST routes, allowing for an unauthenticated user to purge error and chat logs

References

https://wpscan.com/vulnerability/d48fdab3-669c-4870-a2f9-6c39a7c25fd8/

Details

Source: Mitre, NVD

Published: 2024-09-05

Updated: 2024-09-05

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N