CVE-2023-2811

The AI ChatBot WordPress plugin before 4.5.6 does not sanitise and escape numerous of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks to all admin when setting chatbot and all client when using chatbot > MITRE Terms of Use apply – see LICENSE‑MITRE.txt