ChatBot
QuantumCloud
Developer
7.5.3
Latest version
6,000
Installations
4 days ago
Last updated
Vulnerability history
1 present
28 fixed
10 Mitigation rules
- Broken Access Control vulnerability<= 7.5.3Oct 13, 2025
- Broken Access Control vulnerability<= 7.3.9Oct 12, 2025
- Admin+ Stored XSS vulnerability< 7.1.0Sep 9, 2025
- Broken Access Control Vulnerability<= 6.7.3Jun 27, 2025
- Admin+ Stored XSS vulnerability< 6.2.4May 19, 2025
- Local File Inclusion vulnerability<= 6.3.5Feb 23, 2025
- Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability<= 5.5.7Jul 17, 2024
- Missing Authorization via multiple functions vulnerability<= 5.3.4May 22, 2024
- Unauthenticated PHP Object Injection vulnerability<= 5.4.5Jan 19, 2024
- SQL Injection vulnerability<= 4.7.8Nov 23, 2023
- Wordpress ChatBot plugin 4.8.6 - 4.9.6 - Authenticated (Administrator+) Stored Cross-Site Scripting in FAQ Builder vulnerability4.8.6-4.9.6Nov 2, 2023
- Unauthenticated SQL Injection via qc_wpbo_search_response vulnerability<= 4.8.9Oct 12, 2023
- Authenticated (Subscriber+) Arbitrary File Deletion via qcld_openai_delete_training_file vulnerability<= 4.8.9Oct 12, 2023
- Authenticated (Subscriber+) Directory Traversal to Arbitrary File Write via qcld_openai_upload_pagetraining_file vulnerability<= 4.8.9Oct 12, 2023
- Cross-Site Request Forgery on AJAX actions vulnerability<= 4.8.9Oct 12, 2023
- Missing Authorization on AJAX actions vulnerability<= 4.8.9Oct 12, 2023
- Unauthenticated Sensitive Information Exposure via qcld_wb_chatbot_check_user vulnerability<= 4.8.9Oct 12, 2023
- Cross Site Request Forgery (CSRF) vulnerability<= 4.7.8Oct 2, 2023
- Admin+ Stored XSS in Language Settings vulnerability< 4.7.8Aug 10, 2023
- Admin+ Stored XSS in FAQ Builder vulnerability< 4.7.8Aug 10, 2023
- Admin+ Stored Cross-Site Scripting vulnerability< 4.5.5Jun 19, 2023
- Admin+ Stored Cross-Site Scripting vulnerability< 4.5.6Jun 19, 2023
- Auth. OpenAI Settings Update to Stored XSS vulnerability<= 4.4.8Apr 20, 2023
- Unauthenticated Stored XSS vulnerability<= 4.4.8Apr 20, 2023
- Unauth. PHP Object Injection vulnerability<= 4.4.6Apr 20, 2023
- Stored XSS via CSRF vulnerability<= 4.4.4Apr 20, 2023
- Missing Authorization on openai_settings_option_callback vulnerability<= 4.4.7Mar 30, 2023
- Multiple Cross Site Scripting (XSS)<= 4.3.0Jan 27, 2023
- Cross Site Request Forgery (CSRF)<= 4.2.8Jan 27, 2023