Lucene search
K

213 matches found

CVE
CVE
added 4 hours ago7 views

CVE-2026-12511

CVE-2026-12511 affects the AI Engine WordPress plugin prior to 3.5.5. The flaw occurs when a user-supplied filename used for a downloaded file is not sanitized, enabling authenticated users with editor-level access to perform path traversal and write attacker-controlled bytes to an arbitrary loca...

6.2AI score
Exploits0References1
EUVD
EUVD
added 4 hours ago4 views

EUVD-2026-43626

The AI Engine WordPress plugin before 3.5.5 does not sanitize a user-supplied filename before using it to write a downloaded file, allowing authenticated users with editor-level access to write attacker-controlled bytes to an arbitrary location on the server via path traversal...

6.2AI score
Exploits0References1
Nuclei
Nuclei
added yesterday25 views

WordPress AI Engine Plugin - Token Exposure

Unauthenticated sensitive information exposure in AI Engine WordPress plugin = 3.1.3 exposes bearer tokens via REST API endpoints when No-Auth URL is enabled. id: CVE-2025-11749 info: name: WordPress AI Engine Plugin - Token Exposure author: 4m3rr0r severity: critical description: | Unauthenticat...

9.8CVSS7AI score0.75063EPSS
Exploits5References2
Nuclei
Nuclei
added yesterday116 views

Jordy Meow AI Engine - Unrestricted File Upload

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine- ChatGPT Chatbot.This issue affects AI Engine- ChatGPT Chatbot- from n/a through 1.9.98. id: CVE-2023-51409 info: name: Jordy Meow AI Engine - Unrestricted File Upload author: pussycat0x severity: critical...

10CVSS7AI score0.65046EPSS
Exploits4References4
EUVD
EUVD
added 2026/06/15 9:30 p.m.12 views

EUVD-2026-36916

Editor Privilege Escalation in AI Engine = 3.4.9 versions...

7.2CVSS5.2AI score0.00393EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.10 views

CVE-2026-27407

Editor Privilege Escalation in AI Engine = 3.4.9 versions...

7.2CVSS0.00393EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:17 p.m.29 views

CVE-2026-27407

CVE-2026-27407 concerns the WordPress AI Engine plugin, affected versions

7.2CVSS5.2AI score0.00393EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/28 8:57 a.m.13 views

WordPress AI Engine plugin <= 3.4.9 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Phat RiO in WordPress Plugin AI Engine versions = 3.4.9...

7.2CVSS5.8AI score0.00393EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/18 7:58 p.m.13 views

CVE-2026-8719

The AI Engine – The Chatbot, AI Framework & MCP for WordPress plugin for WordPress is vulnerable to Privilege Escalation in version 3.4.9. This is due to missing WordPress capability enforcement in the MCP OAuth bearer-token authorization path, where any valid OAuth token causes MCP access to be...

8.8CVSS5.8AI score0.00359EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/18 3:18 a.m.16 views

WordPress AI Engine – The Chatbot, AI Framework & MCP for WordPress plugin 3.4.9-3.4.9 - Authenticated (Subscriber+) Privilege Escalation vulnerability

Authenticated Subscriber+ Privilege Escalation vulnerability discovered by daroo in WordPress Plugin AI Engine versions 3.4.9-3.4.9...

8.8CVSS5.8AI score0.00359EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/17 2:27 a.m.23 views

EUVD-2026-30678

The AI Engine – The Chatbot, AI Framework & MCP for WordPress plugin for WordPress is vulnerable to Privilege Escalation in version 3.4.9. This is due to missing WordPress capability enforcement in the MCP OAuth bearer-token authorization path, where any valid OAuth token causes MCP access to be...

8.8CVSS5.8AI score0.00359EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/17 12:0 a.m.11 views

WordPress plugin AI Engine 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.8CVSS5.8AI score0.00359EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.22 views

PT-2026-41513

Name of the Vulnerable Software and Affected Versions The AI Engine – The Chatbot, AI Framework & MCP for WordPress version 3.4.9 Description Missing WordPress capability enforcement in the MCP OAuth bearer-token authorization path allows authenticated users with Subscriber privileges or higher t...

8.8CVSS5.8AI score0.00359EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/13 7:24 p.m.3 views

CVE-2026-39506

Missing Authorization vulnerability in Jordy Meow AI Engine Pro ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine Pro: from n/a through 3.4.2...

4.3CVSS5.8AI score0.00165EPSS
Exploits0References1
NVD
NVD
added 2026/04/08 9:16 a.m.4 views

CVE-2026-39506

Missing Authorization vulnerability in Jordy Meow AI Engine Pro ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine Pro: from n/a through 3.4.2...

4.3CVSS0.00165EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 8:30 a.m.1 views

CVE-2026-39506 WordPress AI Engine (Pro) plugin < 3.4.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jordy Meow AI Engine Pro ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine Pro: from n/a through 3.4.2...

4.3CVSS5.8AI score0.00165EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.22 views

CVE-2026-39506 WordPress AI Engine (Pro) plugin < 3.4.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jordy Meow AI Engine Pro ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine Pro: from n/a through 3.4.2...

4.3CVSS0.00165EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.10 views

PT-2026-31135

Missing Authorization vulnerability in Jordy Meow AI Engine Pro ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine Pro: from n/a through 3.4.2...

5.9AI score0.00165EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.6 views

WordPress plugin AI Engine (Pro) 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

4.3CVSS5.8AI score0.00165EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/28 7:7 a.m.6 views

WordPress AI Engine (Pro) plugin < 3.4.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin AI Engine Pro versions 3.4.2...

4.3CVSS5.9AI score0.00165EPSS
Exploits0Affected Software1
Rows per page
Query Builder