Attack  ·  Glossary

Broken access control (AI plugins & chatbots)

A security flaw where an AI-powered plugin or chatbot does not properly check who is allowed to see or do what. A low-privilege user—such as a basic subscriber—can exploit the flaw to read private conversation logs, extract stored API keys, or trigger actions they should never have permission to perform.
A single misconfigured chatbot plugin installed on a company website can hand an attacker the credentials to your entire AI stack, including keys that grant billing access to third-party AI providers. Because these plugins are often installed by marketing or operations teams without security review, the exposure can go undetected for months.
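The following is an added illustration, not part of this glossary entry: a constructed Python model of a chatbot plugin's backend actions. The vulnerable handler checks only that the caller is logged in, while the hardened handler checks a role capability per action, record ownership for conversation logs, records every refusal for detection, and never returns the stored provider key to the browser. All users, roles, keys and log lines are made up.

```python
class Forbidden(Exception): pass
# Constructed sample state (not real data): a stored provider key, two users
# with roles, and each user's conversation log keyed by user id.
SETTINGS = {"provider_api_key": "sk-EXAMPLE-NOT-A-REAL-KEY"}
USERS = {1: {"name": "alice", "role": "administrator"}, 2: {"name": "bob", "role": "subscriber"}}
LOGS = {1: ["alice: draft the Q3 memo", "bot: here is a draft..."],
        2: ["bob: reset my password", "bot: reset link sent"]}

def handle_vulnerable(action, user_id, params):
    """The flaw: only a login check, so any role reaches every action."""
    if user_id not in USERS:
        raise Forbidden("login required")
    if action == "get_settings":
        return dict(SETTINGS)          # leaks the provider key to a subscriber
    if action == "get_logs":
        return list(LOGS[params["target_user"]])  # any user's log, no ownership check
    if action == "run_tool":
        return f"ran {params['tool']} as user {user_id}"  # privileged action for anyone
    raise Forbidden("unknown action")

# Hardened: a capability per action, an ownership check per record, an audit
# trail of refusals, and the raw secret is never sent back to the browser.
CAPABILITIES = {"administrator": {"manage_plugin", "read_all_logs"}, "subscriber": set()}
DENIALS = []  # (user_id, action, missing capability); forward these to your SIEM

def handle_hardened(action, user_id, params):
    user = USERS.get(user_id)
    if user is None:
        raise Forbidden("login required")
    def require(cap):
        if cap not in CAPABILITIES[user["role"]]:
            DENIALS.append((user_id, action, cap))
            raise Forbidden(f"{user['role']} lacks {cap}")
    if action == "get_settings":
        require("manage_plugin")
        # The admin UI only needs to know whether a key is set, not its value.
        return {k: "configured" if v else "missing" for k, v in SETTINGS.items()}
    if action == "get_logs":
        target = params["target_user"]
        if target != user_id:  # object-level check: another user's log needs a capability
            require("read_all_logs")
        return list(LOGS[target])
    if action == "run_tool":
        require("manage_plugin")
        return f"ran {params['tool']} as user {user_id}"
    raise Forbidden("unknown action")

def is_denied(handler, action, user_id, params=None):
    """True when the handler refuses the request (used to compare the two)."""
    try:
        handler(action, user_id, params or {})
        return False
    except Forbidden:
        return True
```

Run both handlers as user 2 (the subscriber) to see the difference: the vulnerable one returns the key, another user's log and the tool result, while the hardened one refuses all three and leaves a DENIALS entry for each.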
References
OWASP Top 10 for LLM Applications (LLM06: Excessive Agency / LLM02: Sensitive Information Disclosure)