CVE-2023-5204

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 19, 2023
Updated: Dec 22, 2023
CWE ID 89

Summary

CVE-2023-5204 is a critical vulnerability affecting the ChatBot plugin for WordPress versions up to and including 4.8.9. The vulnerability allows unauthenticated attackers to exploit SQL Injection by appending additional SQL queries to existing queries through the $strid parameter, resulting in potential extraction of sensitive information from the database. The affected products include various versions of tIgByP, tIgByT, sB97bk, sB97bl, and many more. There is no specific remediation mentioned in the provided information. This vulnerability has a high base severity score of 7.5 according to NVD@nist.gov, with a confidentiality impact rated as high.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-5204 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options