Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Kognetiks — Vulnerabilities & Security Advisories 9

Browse all 9 CVE security advisories affecting Kognetiks. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Kognetiks develops AI-powered customer experience platforms for enterprises, with a core use case in personalized customer engagement. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure authentication mechanisms. The company has recorded 9 CVEs to date, with several critical flaws allowing unauthorized access and system compromise. While no major public security incidents have been documented, the consistent pattern of vulnerabilities in web application components suggests ongoing challenges in secure coding practices, particularly in API and session management implementations.

Top products by Kognetiks: Kognetiks Chatbot for WordPress
CVE IDTitleCVSSSeverityPublished
CVE-2025-11256 Kognetiks Chatbot <= 2.3.5 - Missing Authorization to Unauthenticated Limited File Uploads and Conversation Erasing — Kognetiks Chatbot for WordPressCWE-285 5.3 Medium2025-10-18
CVE-2024-11143 Kognetiks Chatbot for WordPress <= 2.1.8 - Cross-Site Request Forgery to Authenticated (Subscriber+) Assistant Modification — Kognetiks Chatbot for WordPressCWE-352 4.3 Medium2024-11-13
CVE-2024-10529 Kognetiks Chatbot for WordPress <= 2.1.7 - Missing Authorization to Authenticated (Subscriber+) Assistant Deletion — Kognetiks Chatbot for WordPressCWE-862 5.3 Medium2024-11-13
CVE-2024-10684 Kognetiks Chatbot for WordPress <= 2.1.7 - Reflected Cross-Site Scripting — Kognetiks Chatbot for WordPressCWE-79 6.1 Medium2024-11-13
CVE-2024-10531 Kognetiks Chatbot for WordPress <= 2.1.7 - Missing Authorization to Authenticated (Subscriber+) Assistant Update — Kognetiks Chatbot for WordPressCWE-862 5.3 Medium2024-11-13
CVE-2024-10530 Kognetiks Chatbot for WordPress <= 2.1.7 - Missing Authorization to Authenticated (Subscriber+) Assistant Addition — Kognetiks Chatbot for WordPressCWE-862 4.3 Medium2024-11-13
CVE-2024-35738 WordPress Kognetiks Chatbot for WordPress plugin <= 1.9.8 - Cross Site Scripting (XSS) vulnerability — Kognetiks Chatbot for WordPressCWE-79 6.5 Medium2024-06-08
CVE-2024-32700 WordPress Kognetiks Chatbot for WordPress plugin <= 2.0.0 - Arbitrary File Upload vulnerability — Kognetiks Chatbot for WordPressCWE-434 10.0 Critical2024-05-13
CVE-2024-4560 Kognetiks Chatbot for WordPress <= 1.9.9 - Unauthenticated Arbitrary File Upload via chatbot_chatgpt_upload_file_to_assistant Function — Kognetiks Chatbot for WordPressCWE-434 9.8 Critical2024-05-11

This page lists every published CVE security advisory associated with Kognetiks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.