What the vulnerability does
Description
Unauthenticated arbitrary content deletion in OpenAI Chatbot for WordPress – Helper, versions <= 1.1.4.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Explanation of Vulnerability in Simple Terms
The OpenAI Chatbot for WordPress plugin through version 1.1.4 lacks proper authorization checks, allowing unauthenticated attackers to disrupt the chatbot service. An attacker can send requests over the network without needing credentials or user interaction to trigger a denial-of-service condition. Site administrators should update immediately to a version newer than 1.1.4.
What an attacker can do
Make the chatbot unavailable to legitimate users by sending requests that overload or crash the service.
Potential impact on your site
Your chatbot feature becomes unavailable to visitors, affecting user engagement and support capabilities.
Conditions required to exploit
Network access only; no authentication or user interaction required.