CVE-2023-1651
Published: 08 May 2023
Summary
CVE-2023-1651 is a medium-severity an unspecified weakness vulnerability in Quantumcloud Wpbot. Its CVSS base score is 5.4 (Medium).
Operationally, ranked at the 28.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as APIs and Models.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-23880
Vulnerability details
The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in the AJAX action responsible to update the OpenAI settings, allowing any authenticated users, such as subscriber to update them. Furthermore, due to the lack of escaping…
more
of the settings, this could also lead to Stored XSS
- CWE(s)
AI Security AnalysisAI
- AI Category
- APIs and Models
- Risk Domain
- N/A
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: ai, openai
Related Threats
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.