{"data":{"id":"0364471d-3e91-4352-8d36-b9f928c5fa79","title":"CVE-2024-6846: The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not validate access on some REST routes, allowing for an una","summary":"A security flaw was found in the Chatbot with ChatGPT WordPress plugin (versions before 2.4.5) where certain REST routes (endpoints that external programs use to interact with the plugin) did not properly check user permissions, allowing anyone without logging in to delete error and chat logs.","solution":"Update the Chatbot with ChatGPT WordPress plugin to version 2.4.5 or later.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2024-6846","publishedAt":"2024-09-05T10:15:03.143Z","cveId":"CVE-2024-6846","cweIds":null,"cvssScore":"5.3","cvssSeverity":"medium","severity":"medium","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["ChatGPT WordPress plugin"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.06306,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}