Browse all 3 CVE security advisories affecting artibot. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Artibot serves as a customer service automation platform designed to handle routine inquiries and support interactions across various industries. Historically, the platform has been susceptible to remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities, often stemming from improper input validation and insecure API endpoints. Privilege escalation issues have also been documented, allowing unauthorized access to administrative functions. Artibot's security posture has attracted attention due to multiple CVEs, including critical flaws that could enable complete system compromise. While no major public incidents have been widely reported, the recurring nature of these vulnerabilities highlights ongoing challenges in securing automated service systems against exploitation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-12078 | ArtiBot Free Chat Bot for WebSites <= 1.1.7 - Reflected Cross-Site Scripting via PostMessage — ArtiBot Free Chat Bot for WebSitesCWE-79 | 6.1 | Medium | 2025-11-18 |
| CVE-2024-0447 | ArtiBot Free Chat Bot for WordPress WebSites <= 1.1.6 - Missing Authorization to Settings Update — ArtiBot Free Chat Bot for WebSitesCWE-862 | 5.0 | Medium | 2024-03-13 |
| CVE-2024-0449 | ArtiBot Free Chat Bot for WordPress WebSites <= 1.1.6 - Authenticated (Admin+) Cross-Site Scripting — ArtiBot Free Chat Bot for WebSitesCWE-79 | 4.4 | Medium | 2024-03-13 |
This page lists every published CVE security advisory associated with artibot. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.