CVE Catalog

CVE-2025-69134

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Summary

The OpenAI Chatbot for WordPress – Helper plugin version 1.1.4 and earlier contains a vulnerability allowing unauthenticated attackers to delete arbitrary content. The flaw is due to missing authorization and input validation.

Risk Assessment

An attacker can delete arbitrary files or database entries in WordPress, leading to data loss, site defacement, or complete site unavailability.

Recommendation

Immediately update the OpenAI Chatbot for WordPress – Helper plugin to the latest available version. If an update is not possible, consider temporarily disabling the plugin.

Original NVD description (English source)

Unauthenticated Arbitrary Content Deletion in OpenAI Chatbot for WordPress – Helper <= 1.1.4 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS