| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-9627 | TeploBot - Telegram Bot for WP <= 1.3 - Telegram Bot Token Disclosure | gsuvorov | TeploBot – Telegram Bot for WP | High | 8.6 | 2024-10-22 06:50:30 | Deep Dive |
| CVE-2024-9821 | Bot for Telegram on WooCommerce <= 1.2.7 - Authenticated (Subscriber+) Telegram Bot Token Disclosure to Authentication Bypass | guruteam | Bot for Telegram on WooCommerce | High | 8.8 | 2024-10-12 02:05:45 | Deep Dive |
| CVE-2024-42335 | 7Twenty - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 7Twenty | 7Twenty Bot | Medium | 5.4 | 2024-08-20 12:18:14 | Deep Dive |
| CVE-2024-38109 | Azure Health Bot Elevation of Privilege Vulnerability | Microsoft | Azure Health Bot | Critical | 9.1 | 2024-08-13 17:30:41 | Deep Dive |
| CVE-2024-4344 | Shield Security – Smart Bot Blocking & Intrusion Prevention Security <= 19.1.13 - Cross-Site Request Forgery | paultgoodchild | Shield: Blocks Bots, Protects Users, and Prevents Security Breaches | Medium | 4.3 | 2024-06-02 04:30:31 | Deep Dive |
| CVE-2024-34147 | Jenkins Plugin Telegram Bot 安全漏洞 | Jenkins Project | Jenkins Telegram Bot Plugin | 低危 | - | 2024-05-02 13:28:05 | Deep Dive |
| CVE-2024-31372 | WordPress No-Bot Registration plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerability | Arnan de Gans | No-Bot Registration | Medium | 4.3 | 2024-04-12 09:27:14 | Deep Dive |
| CVE-2024-0447 | ArtiBot Free Chat Bot for WordPress WebSites <= 1.1.6 - Missing Authorization to Settings Update | artibot | ArtiBot Free Chat Bot for WebSites | Medium | 5.0 | 2024-03-13 15:27:02 | Deep Dive |
| CVE-2024-0449 | ArtiBot Free Chat Bot for WordPress WebSites <= 1.1.6 - Authenticated (Admin+) Cross-Site Scripting | artibot | ArtiBot Free Chat Bot for WebSites | Medium | 4.4 | 2024-03-13 15:26:46 | Deep Dive |
| CVE-2023-6989 | Shield Security – Smart Bot Blocking & Intrusion Prevention Security <= 18.5.9 - Unauthenticated Local File Inclusion | paultgoodchild | Shield: Blocks Bots, Protects Users, and Prevents Security Breaches | Critical | 9.8 | 2024-02-05 21:21:31 | Deep Dive |
| CVE-2024-22163 | WordPress Shield Security Plugin <= 18.5.7 is vulnerable to Cross Site Scripting (XSS) | Shield Security | Shield Security – Smart Bot Blocking & Intrusion Prevention Security | High | 7.1 | 2024-01-31 17:57:37 | Deep Dive |
| CVE-2023-37221 | 7Twenty BOT - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). | 7Twenty | BOT | High | 8.8 | 2023-09-03 13:55:27 | Deep Dive |
| CVE-2023-34006 | WordPress Telegram Bot & Channel Plugin <= 3.6.2 is vulnerable to Cross Site Scripting (XSS) | Marco Milesi | Telegram Bot & Channel | Medium | 5.9 | 2023-06-22 12:58:35 | Deep Dive |
| CVE-2023-0993 | Shield Security <= 17.0.17 - Missing Authorization | paultgoodchild | Shield: Blocks Bots, Protects Users, and Prevents Security Breaches | Medium | 4.3 | 2023-06-09 05:33:19 | Deep Dive |
| CVE-2023-0992 | Shield Security <= 17.0.17 - Unauthenticated Stored Cross-Site Scripting | paultgoodchild | Shield: Blocks Bots, Protects Users, and Prevents Security Breaches | High | 7.2 | 2023-06-09 05:33:11 | Deep Dive |
| CVE-2015-10096 | Zarthus IRC Twitter Announcer Bot twitter_announcer.rb get_tweets command injection | Zarthus | IRC Twitter Announcer Bot | Medium | 5.0 | 2023-03-20 04:31:03 | Deep Dive |
| CVE-2014-125066 | emmflo yuko-bot denial of service | emmflo | yuko-bot | Medium | 4.3 | 2023-01-08 08:58:22 | Deep Dive |
| CVE-2022-21669 | Bot token exposed in main.py | PuddingBot | pudding-bot | Critical | 9.1 | 2022-01-11 00:00:00 | Deep Dive |
| CVE-2021-43225 | Bot Framework SDK Remote Code Execution Vulnerability | Microsoft | Bot Framework SDK for .NET Framework | High | 7.5 | 2021-12-15 14:15:11 | Deep Dive |
| CVE-2021-41250 | Presence of non-blacklisted URL bypasses all other filters | python-discord | bot | Medium | 4.3 | 2021-11-05 22:45:11 | Deep Dive |