GeekyBot

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

The Geeky Bot plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.2.2. This is due to a nopriv AJAX route allowing attacker-controlled model/function dispatch and reaching a plugin installer helper that downloads and unzips attacker-supplied ZIP files into wp-content/plugins/. This makes it possible for unauthenticated attackers to perform arbitrary plugin installation and achieve remote code execution.

AI Analysis

Missing Authorization vulnerability in GeekyBot plugin for WordPress, allowing unauthenticated attackers to install arbitrary plugins and achieve remote code execution

Basic Information

ID CVE-2026-5294

Source Wordfence

Published May 5, 2026 at 03:37

Affected Product

Vendor ahmadgb

Product GeekyBot — AI Copilot, Chatbot, WooCommerce Lead Gen & Zero-Prompt Content

Affected Versions ahmadgb GeekyBot — AI Copilot, Chatbot, WooCommerce Lead Gen & Zero-Prompt Content 0

CWE Classification

CWE-862

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor ahmadgb

Product GeekyBot

Version <= 1.2.2

References

{
    "lastseen": "",
    "description": "The Geeky Bot plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.2.2. This is due to a nopriv AJAX route allowing attacker-controlled model/function dispatch and reaching a plugin installer helper that downloads and unzips attacker-supplied ZIP files into wp-content/plugins/. This makes it possible for unauthenticated attackers to perform arbitrary plugin installation and achieve remote code execution.",
    "published": "2026-05-05T03:37:37.441Z",
    "modified": "2026-05-05T03:37:37.441Z",
    "type": "cve",
    "title": "GeekyBot <= 1.2.2 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation via 'geekybot_frontendajax' AJAX Action",
    "source": "Wordfence",
    "references": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a1817c58-e807-4ef2-a382-28ca2fd5239e?source=cve\nhttps://plugins.trac.wordpress.org/changeset/3497169/geeky-bot",
    "id": "CVE-2026-5294",
    "bulletinFamily": "",
    "cwe": [
        "CWE-862"
    ],
    "cvelist": null,
    "sourceData": "ahmadgb GeekyBot \u2014 AI Copilot, Chatbot, WooCommerce Lead Gen & Zero-Prompt Content 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "GeekyBot \u2014 AI Copilot, Chatbot, WooCommerce Lead Gen & Zero-Prompt Content",
    "version": "0",
    "vendor": "ahmadgb",
    "ai_description": "Missing Authorization vulnerability in GeekyBot plugin for WordPress, allowing unauthenticated attackers to install arbitrary plugins and achieve remote code execution",
    "ai_severity": "Critical",
    "ai_vendor": "ahmadgb",
    "ai_product": "GeekyBot",
    "ai_version": "<= 1.2.2",
    "ai_score": 9.8
}

GeekyBot <= 1.2.2 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation via 'geekybot_frontendajax' AJAX Action_CVE-2026-5294