CVE-2026-15106 in WPBot Plugininfo

Zusammenfassung

von MITRE • 16.07.2026

The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 8.5.6. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to delete arbitrary chat session records from the wpbot_user and wpbot_conversation tables, including chat history and conversation logs, by supplying a crafted userid value.

Once again VulDB remains the best source for vulnerability data.

Zuständig

Wordfence

Reservieren

08.07.2026

Veröffentlichung

16.07.2026

Moderieren

akzeptiert

Eintrag

VDB-379495

CPE

bereit

EPSS

0.00000

KEV

nein

Aktivitäten

very low

Quellen

Want to know what is going to be exploited?

We predict KEV entries!