CVE-2025-5570 | AI Engine Plugin up to 2.8.4 on WordPress Shortcode mwai_chatbot ID cross site scripting

Inserito da Angelo Barbosa | Lug 7, 2025 | CVE

A vulnerability was found in AI Engine Plugin up to 2.8.4 on WordPress. It has been rated as problematic. Affected by this issue is the function mwai_chatbot of the component Shortcode Handler. The manipulation of the argument ID leads to cross site scripting.

This vulnerability is handled as CVE-2025-5570. The attack may be launched remotely. There is no exploit available.

CVE-2025-5570 | AI Engine Plugin up to 2.8.4 on WordPress Shortcode mwai_chatbot ID cross site scripting

Post correlati

CVE-2024-0537 | Tenda W9 1.0.0.7(4456) httpd setWrlBasicInfo ssidIndex stack-based overflow

CVE-2024-22193 | vantage6 up to 4.1.x Task insecure storage of sensitive information (GHSA-rjmv-52mp-gjrr)

CVE-2024-13183 | ThemeIsle Orbit Fox Plugin up to 2.10.43 on WordPress title_tag cross site scripting

CVE-2024-3253 | SourceCodester Internship Portal Management System 1.0 admin/add_admin.php name/username/password sql injection