Lucene search
PatchstackCVELIST:CVE-2024-29090HistoryMar 28, 2024 - 5:12 a.m.
CVE-2024-29090 WordPress AI Engine plugin <= 2.1.4 - Server Side Request Forgery (SSRF) vulnerability
2024-03-2805:12:03
CWE-918
Patchstack
www.cve.org
4
cve-2024-29090
server side request forgery
wordpress
ai engine
chatgpt
CVSS3
6.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
EPSS
0
Percentile
9.0%
Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.1.4.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "ai-engine",
"product": "AI Engine: ChatGPT Chatbot",
"vendor": "Jordy Meow",
"versions": [
{
"changes": [
{
"at": "2.1.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.1.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
wpvulndb
wpvulndb
AI Engine < 2.1.5 - Authenticated (Editor+) Server-Side Request Forgery
2024-05-07 00:00:00
nvd
nvd
CVE-2024-29090
2024-03-28 06:15:12
cve
cve
CVE-2024-29090
2024-03-28 06:15:12
CVSS3
6.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
EPSS
0
Percentile
9.0%
Related for CVELIST:CVE-2024-29090