Platform
wordpress
Component
chatbot
Fixed in
4.9.1
4.9.3
CVE-2023-5212 is an arbitrary file deletion vulnerability in the AI ChatBot plugin for WordPress. An authenticated attacker with as little as subscriber-level access can delete arbitrary files on the server, which can lead to site takeover and, on shared hosting, to the compromise of other sites that run under the same system user. The vulnerability affects versions up to and including 4.8.9; it was fixed in 4.9.1, reintroduced in 4.9.2, and fixed again in 4.9.3.
The impact of CVE-2023-5212 is severe because a low-privileged authenticated user can delete files the web server process owns: WordPress core files, plugin files, or configuration files. Deleting wp-config.php is the classic path to takeover: on the next request WordPress finds no configuration and serves the installation wizard, which lets the attacker point the site at a database they control and create an administrator account. On shared hosting the blast radius depends on filesystem permissions; if several sites run as the same system user, or directories are world-writable, files belonging to other sites are reachable as well. The regression in 4.9.2, one release after the original fix, shows why a security fix needs a regression test shipped with it rather than a one-off manual check. A successful exploit can end in complete website compromise, data loss, and reputational damage.
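The bug class behind this advisory is a user-controlled file name joined onto a storage directory without validation. The following is an added example, not code from the AI ChatBot plugin or from the advisory: it places a vulnerable resolver beside a hardened one and runs both over attack-style inputs in a throwaway directory tree. The directory layout, file names and the stand-in wp-config.php are constructed for the demo, and the symlink step assumes a POSIX host.

```php
<?php
declare(strict_types=1);

// Added example, not code from the AI ChatBot plugin. It contrasts the general
// bug class (a caller-supplied file name joined onto a storage directory with no
// validation) with a hardened resolver. All paths below are constructed.

/** Vulnerable pattern: the caller's file name is trusted, so "../" escapes. */
function vulnerable_resolve_delete_path(string $baseDir, string $userFile): string
{
    return rtrim($baseDir, '/') . '/' . $userFile;
}

/**
 * Hardened pattern. Returns the canonical path to delete, or null to reject.
 * In a WordPress AJAX handler this belongs behind check_ajax_referer() and a
 * current_user_can('manage_options') check as well; a subscriber should never
 * reach a delete action at all.
 */
function safe_resolve_delete_path(string $baseDir, string $userFile): ?string
{
    // Only a bare file name is acceptable: no NUL bytes, no directory parts.
    if ($userFile === '' || strpos($userFile, "\0") !== false
        || basename($userFile) !== $userFile) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false || !is_dir($base)) {
        return null;
    }
    // realpath() follows symlinks, so a link inside the directory that points
    // at wp-config.php resolves to the real location and fails containment.
    $target = realpath($base . DIRECTORY_SEPARATOR . $userFile);
    if ($target === false || !is_file($target)) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $target;
}

/** Builds a temporary tree and runs both resolvers over attack-style inputs. */
function demo(): array
{
    $root     = sys_get_temp_dir() . '/chatbot-demo-' . bin2hex(random_bytes(4));
    $training = $root . '/uploads/chatbot-training';   // hypothetical storage dir
    mkdir($training, 0700, true);
    file_put_contents($root . '/wp-config.php', "<?php // constructed stand-in\n");
    file_put_contents($training . '/faq.txt', "constructed training data\n");
    symlink($root . '/wp-config.php', $training . '/link.txt');  // symlink escape attempt

    $inputs  = ['faq.txt', '../../wp-config.php', 'link.txt', '..', "faq.txt\0"];
    $results = [];
    foreach ($inputs as $name) {
        $results[addcslashes($name, "\0")] = [
            'vulnerable' => addcslashes(vulnerable_resolve_delete_path($training, $name), "\0"),
            'hardened'   => safe_resolve_delete_path($training, $name),
        ];
    }

    // Remove the temporary tree again.
    foreach ([$training . '/link.txt', $training . '/faq.txt', $root . '/wp-config.php'] as $f) {
        unlink($f);
    }
    rmdir($training);
    rmdir($root . '/uploads');
    rmdir($root);
    return $results;
}

foreach (demo() as $input => $r) {
    printf("%-22s vulnerable -> %s\n%-22s hardened   -> %s\n",
        $input, $r['vulnerable'], '', var_export($r['hardened'], true));
}
```

Only the legitimate name resolves under the hardened function; the traversal, the symlink, the bare `..` and the NUL-terminated name all come back as null. The containment check is made on the canonicalised path, which is what defeats symlinks as well as `../` sequences; a string check on the raw input alone would miss the symlink case.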
CVE-2023-5212 was publicly disclosed on October 19, 2023. No active exploitation campaign has been confirmed, but the attack needs only a subscriber account, which many sites hand out through open registration, so the vulnerability is a plausible target. It is not currently listed in the CISA KEV catalog. Expect public proof-of-concept code to appear, which would raise the likelihood of mass exploitation.
Exploit Status
EPSS
0.31% (54th percentile)
CVSS Vector
The primary mitigation for CVE-2023-5212 is to upgrade the AI ChatBot plugin to version 4.9.3 or later without delay. If an upgrade is blocked by compatibility concerns, deactivate the plugin until it can be applied; the remaining measures are stopgaps. Disable open registration ("Anyone can register" under Settings > General) unless the site needs it, since the attack requires an authenticated account, and review the user list for accounts you did not create. Restricting file permissions helps only to a degree, because the PHP process that runs the plugin usually owns the files it could be asked to delete; tighten what you can (wp-config.php read-only for the web user, no world-writable directories) and watch that WordPress's own updater still works. A Web Application Firewall can block requests to the plugin's file-handling AJAX actions from non-administrator sessions while you upgrade. Keep plugins to those installed from trusted sources and remove ones you no longer use. After upgrading, confirm the installed version on the Plugins screen or with `wp plugin list`, and run `wp core verify-checksums` to check that no core file went missing before the fix landed; do not verify the fix by attempting deletions on a production site.
Update the AI ChatBot plugin to version 4.9.3 or higher. This version fixes the Arbitrary File Deletion vulnerability. If you cannot update immediately, consider temporarily disabling the plugin.
CVE-2023-5212 is a critical vulnerability in the AI ChatBot WordPress plugin allowing authenticated users to delete arbitrary files, potentially leading to site takeover.
You are affected if you are using AI ChatBot version 4.8.9 or earlier, or version 4.9.2. Upgrade to 4.9.3 or later to mitigate the risk.
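The affected range is not contiguous (4.9.1 is fixed but 4.9.2 regressed), which trips up a plain "version below X" comparison. The following is an added example, not part of the advisory or of the plugin: it reads the `Version:` header that WordPress requires in a plugin's main file and applies the ranges stated above. The sample headers are constructed, and the plugin file path in the final comment is an assumption to adjust for your install.

```php
<?php
declare(strict_types=1);

// Added example, not part of the advisory or the plugin. It parses the plugin
// header WordPress uses and applies this advisory's affected ranges, which are
// not contiguous: 4.9.1 is fixed but 4.9.2 regressed. Sample headers are constructed.

/** Extracts the Version header from plugin file contents, or null if absent. */
function plugin_version_from_header(string $contents): ?string
{
    // WordPress reads headers case-insensitively from the leading comment block,
    // allowing the usual " * " or "//" comment prefixes before the field name.
    if (preg_match('/^[ \t\/*#@]*Version:\s*(.+?)\s*$/mi', $contents, $m) === 1) {
        return $m[1];
    }
    return null;
}

/** True for versions this advisory lists as vulnerable: <= 4.8.9, or exactly 4.9.2. */
function is_affected_version(string $version): bool
{
    return version_compare($version, '4.8.9', '<=')
        || version_compare($version, '4.9.2', '==');
}

/** Reads a plugin's main file and reports its status; "unknown" if it cannot be judged. */
function check_plugin_file(string $path): string
{
    $contents = @file_get_contents($path);
    if ($contents === false) {
        return 'unknown (cannot read file)';
    }
    $version = plugin_version_from_header($contents);
    if ($version === null) {
        return 'unknown (no Version header)';
    }
    return sprintf('%s: %s', $version, is_affected_version($version) ? 'VULNERABLE' : 'fixed');
}

// Constructed sample headers on both sides of each boundary in the advisory.
foreach (['4.8.8', '4.8.9', '4.9.1', '4.9.2', '4.9.3', '4.10.0'] as $v) {
    $header = "<?php\n/**\n * Plugin Name: AI ChatBot\n * Version: $v\n */\n";
    $parsed = plugin_version_from_header($header);
    printf("%-7s %s\n", $v, is_affected_version($parsed) ? 'VULNERABLE' : 'fixed');
}

// Against a live install (path is an assumption; adjust to your wp-content):
// echo check_plugin_file('/var/www/html/wp-content/plugins/chatbot/chatbot.php'), "\n";
```

`version_compare()` handles the multi-digit component in 4.10.0 correctly, where a string comparison would sort it before 4.8.9; that is the reason to use it rather than comparing the header text directly.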
Upgrade the AI ChatBot plugin to version 4.9.3 or later. If immediate upgrade is not possible, restrict file permissions and consider a WAF.
While no confirmed active exploitation campaigns are known, the vulnerability's severity and ease of exploitation make it a likely target.
Refer to the AI ChatBot plugin's official website or WordPress plugin repository for the latest advisory and update information.