ChatBot < 4.3.0 – Settings Reset via CSRF | CVE 2023-24415

Affects Plugins

chatbot

Fixed in 4.3.0

References

CVE

CVE-2023-24415

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CWE-352

CVSS

4.3 (medium)

Miscellaneous

Original Researcher

Rafshanzani Suhada

Verified

No

WPVDB ID

70f7e26b-32e3-4a27-8867-cc78d434c877

Timeline

Publicly Published

2023-02-23 (about 3 years ago)

Added

2023-02-23 (about 3 years ago)

Last Updated

2023-02-23 (about 3 years ago)

Other

Published

Title

Published

2025-03-11

Title

WP Bulk Post Duplicator <= 1.2 - Cross-Site Request Forgery

Published

2025-12-31

Title

Robots.txt rewrite <= 1.6.1 - Cross-Site Request Forgery

Published

2024-07-11

Title

Dynamic Word Spinner: CSS3 Animated Rotation < 5.7 - Cross-Site Request Forgery

Published

2023-03-20

Title

Simple Mobile URL Redirect <= 1.7.2 - Cross-Site Request Forgery

Published

2022-10-28

Title

Creative Mail < 1.6.0 - Settings Reset via CSRF