CVE-2025-69134: Unauthenticated Arbitrary Content Deletion in OpenAI Chatbot for WordPress – Helper <= 1.1.4 versions.
Summary
CVE-2025-69134 is a vulnerability in the OpenAI Chatbot for WordPress Helper plugin (version 1.1.4 and earlier) that allows attackers without authentication to delete arbitrary content from WordPress sites. The flaw stems from missing authorization checks (CWE-862, a weakness where code doesn't properly verify if a user should be allowed to perform an action).
Vulnerability Details
7.5(high)
EPSS: 0.0%
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
network
low
none
none
July 2, 2026
Classification
Affected Vendors
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-69134
First tracked: July 2, 2026 at 08:09 PM
Classified by LLM (prompt v3) · confidence: 75%