Cyber Resilience

CVE-2023-5241

Critical · Public PoC

Published: 19 October 2023

Modified: 08 April 2026
KEV Added: not listed
Patch
CVSS v3.1 Score: 9.6 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H)
EPSS Score: 0.0245 (85.5th percentile)
Risk Priority: 21 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-5241 is a critical-severity Path Traversal (CWE-22) vulnerability in Quantumcloud Wpbot. Its CVSS base score is 9.6 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 14.5% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as Enterprise AI Assistants; in the Other ATLAS/OWASP Terms risk domain; MITRE ATLAS techniques in scope: AI Supply Chain Compromise (AML.T0010), External Harms (AML.T0048).

EU & UK References

Vulnerability details

The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcld_openai_upload_pagetraining_file function. This allows subscriber-level attackers to append "<?php" to any existing file on the server, resulting in potential DoS when appended to critical files such as wp-config.php.

CWE(s)

CWE-22 (Path Traversal)

AI Security Analysis [AI]

AI Category: Enterprise AI Assistants
Risk Domain: Other ATLAS/OWASP Terms
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason:
The vulnerability affects 'AI ChatBot for WordPress', a plugin providing AI chatbot functionality with OpenAI integration (evident from qcld_openai_upload_pagetraining_file), classifying it as an enterprise AI assistant tool for websites.

Related Threats

MITRE ATT&CK Enterprise Techniques [AI]

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1070.004 File Deletion (Stealth): Adversaries may delete files left behind by the actions of their intrusion activity.
T1213.006 Databases (Collection): Adversaries may leverage databases to mine valuable information.
T1499 Endpoint Denial of Service (Impact): Adversaries may perform Endpoint Denial of Service (DoS) attacks to degrade or block the availability of services to users.
Why these techniques?

Directory traversal enables arbitrary file append for DoS (e.g., corrupting wp-config.php) and facilitates exploitation of a public-facing WordPress plugin (T1190, T1499); the advisory indicates SQL injection for database access (T1213.006) and file deletion (T1070.004).

MITRE ATLAS Techniques [AI]

MITRE ATLAS techniques

AML.T0010: AI Supply Chain Compromise
AML.T0048: External Harms

Affected Assets

quantumcloud / wpbot: 4.9.2 and ≤ 4.9.1

Mitigating Controls

Likely Mitigating Controls [AI]

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses: CWE-22

Validates pathnames and filenames to prevent traversal outside intended directories.

References