CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38791 – WordPress AI ENGINE plugin <= 2.4.7 - Server Side Request Forgery (SSRF) vulnerability
https://notcve.org/view.php?id=CVE-2024-38791
22 Jul 2024 — Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot allows Server Side Request Forgery.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.4.7. The AI Engine plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.4.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web requests to arbitrary locations originating from the web application which can be used ... • https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-2-4-7-server-side-request-forgery-ssrf-vulnerability?_s_id=cve • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34440 – WordPress AI Engine plugin <= 2.2.63 - Auth. Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-34440
07 May 2024 — Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.2.63. Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en Jordy Meow AI Engine: ChatGPT Chatbot. Este problema afecta a AI Engine: ChatGPT Chatbot: desde n/a hasta 2.2.63. The AI Engine plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including... • https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-2-2-63-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29090 – WordPress AI Engine plugin <= 2.1.4 - Server Side Request Forgery (SSRF) vulnerability
https://notcve.org/view.php?id=CVE-2024-29090
26 Mar 2024 — Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.1.4. Vulnerabilidad de Server-Side Request Forgery (SSRF) en Jordy Meow AI Engine: ChatGPT Chatbot. Este problema afecta al motor AI: ChatGPT Chatbot: desde n/a hasta 2.1.4. The AI Engine plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.1.4 via the download_image function. This makes it possible fo... • https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-2-1-4-server-side-request-forgery-ssrf-vulnerability?_s_id=cve • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 3CVE-2023-51409 – WordPress AI Engine plugin <= 1.9.98 - Unauthenticated Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2023-51409
09 Jan 2024 — Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 1.9.98. Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en Jordy Meow AI Engine: ChatGPT Chatbot. Este problema afecta a AI Engine: ChatGPT Chatbot: desde n/a hasta 1.9.98. The AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugin for WordPress is vulnerable to arbitrary file uploads due to missing file t... • https://github.com/RandomRobbieBF/CVE-2023-51409 • CWE-434: Unrestricted Upload of File with Dangerous Type •