CVE-2025-69134
Deferred Deferred - Pending Action

Unauthenticated Arbitrary Content Deletion in OpenAI Chatbot for WordPress

Vulnerability report for CVE-2025-69134, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-02

Last updated on: 2026-07-02

Assigner: Patchstack

Description

Unauthenticated Arbitrary Content Deletion in OpenAI Chatbot for WordPress – Helper <= 1.1.4 versions.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-02
Last Modified
2026-07-02
Generated
2026-07-02
AI Q&A
2026-07-02
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
patchstack openai_chatbot_for_wordpress_helper to 1.1.4 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2025-69134 is an Arbitrary Content Deletion vulnerability in the OpenAI Chatbot for WordPress – Helper plugin, versions 1.1.4 and below.

This vulnerability allows unauthenticated attackers to delete content such as posts, pages, or images from affected websites without any authorization.

It is classified as a high-risk issue with a CVSS score of 7.5 and falls under the OWASP Top 10 category of Broken Access Control.

Impact Analysis

This vulnerability can have a severe impact by allowing attackers to delete important website content such as posts, pages, or images.

Such unauthorized deletion can lead to data loss, disruption of website services, damage to reputation, and potential loss of business or user trust.

Because the vulnerability is exploitable without authentication, it increases the risk of mass exploitation campaigns.

Mitigation Strategies

Immediate action is recommended to mitigate the vulnerability in the OpenAI Chatbot for WordPress – Helper plugin versions 1.1.4 and below.

  • Update the plugin to a newer, non-vulnerable version if available.
  • Apply the mitigation rule issued by Patchstack to block attacks until an official fix is released.
  • Seek assistance from your hosting provider or a developer to implement protective measures.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-69134. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart