Critical CVSS: CRITICAL CVE-2023-5212 vulnerability

CVE-2023-5212: The AI ChatBot plugin for WordPress is vulnerable to Arbitrary File Deletion in

Tracked since May 6, 2026 View on NVD
cve CVE-2023-5212 cvss-9

CVSS Breakdown

9.6
CVSS Base Score
CRITICAL
Attack Vector
N/A
Requires physical access to exploit.
CIA Impact
Confidentiality N/A
Integrity N/A
Availability N/A

Insurance Impact Assessment

🛡️
Critical Impact

Critical vulnerabilities require urgent remediation. Insurers may impose coverage conditions, increased retentions, or exclusion endorsements until patches are applied.

CVE CVE-2023-5212 with CVSS 9.6. The AI ChatBot plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 4.8.9 as well as version 4.9.2. This makes it possible for authenticated attackers with subscriber privileges to delete arbitrary files on the server, which makes it possible to take over a

View on NVD

Assess your exposure

Is your organization vulnerable? Run a free domain exposure scan to check.

Scan Your Domain → Broker Scorecard

Related Threats

CVE-2026-40281
CVSS 10 critical
CVE-2023-34992: A improper neutralization of special elements used in an os command ('os command
CVSS 10 critical
CVE-2023-34976: A SQL injection vulnerability has been reported to affect Video Station. If expl
CVSS 10 critical
CVE-2023-25960: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVSS 10 critical
CVE-2023-4994: The Allow PHP in Posts and Pages plugin for WordPress is vulnerable to Remote Co
CVSS 9.9 critical
← Back to Threat Feed