CVE-2024-6847 Information

Description

The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not properly sanitise and escape a parameter before using it in a SQL statement leading to a SQL injection exploitable by unauthenticated users when submitting messages to the chatbot.

Reference

https://wpscan.com/vulnerability/baa860bb-3b7d-438a-ad54-92bf8e21e851/