CVE-2024-7713

The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it...

CVE-2024-7714

CVE-2024-7714 affects the WordPress plugin AI Assistant with ChatGPT and Content Generator by AYS (versions prior to 2.1.0). The Nuclei/patchstack entries describe an insufficient access control flaw that lets an unauthenticated user trigger actions (ays_chatgpt_disconnect, ays_chatgpt_connect, a...

CVE-2024-7713 AI Chatbot with ChatGPT by AYS <= 2.0.9 - Unauthenticated OpenAI Key Disclosure

The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it...

CVE-2024-7713

CVE-2024-7713 affects the WordPress plugin “AI ChatBot with ChatGPT and Content Generator by AYS” (versions before 2.1.0). The vulnerability allows unauthenticated users to disclose the OpenAI API Key, exposing sensitive credentials and potentially enabling misuse of the API key. Multiple connect...

CVE-2024-7713 AI Chatbot with ChatGPT by AYS <= 2.0.9 - Unauthenticated OpenAI Key Disclosure

The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it...

Simple Chatbot Application 1.0 Insecure Settings

============================================================================================================================================= | Title : Simple Chatbot Application v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firef...

WordPress AI ChatBot with ChatGPT and Content Generator by AYS Plugin <= 2.0.9 is vulnerable to Sensitive Data Exposure

Software AI ChatBot with ChatGPT and Content Generator by AYS Type Plugin Vulnerable versions = 2.0.9 Fixed in 2.1.0 OWASP Top 10 A4: Insecure Design Classification Sensitive Data Exposure CVE CVE-2024-7713 Patch priority Low CVSS severity Low 5.8 Developer Claim ownership PSID 5f8161e14afa Credi...

WordPress plugin AI Chatbot with ChatGPT by AYS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin AI Chatbot...

WordPress AI ChatBot with ChatGPT and Content Generator by AYS Plugin <= 2.0.9 is vulnerable to Broken Access Control

Software AI ChatBot with ChatGPT and Content Generator by AYS Type Plugin Vulnerable versions = 2.0.9 Fixed in 2.1.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-7714 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID...

CVE-2024-45989

Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. A prompt injection allows an attacker to modify chatbot answer with an unloaded image that exfiltrates the user's sensitive chat data of the current session to a malicious...

PT-2024-38529 · Ays · Ayswp Chatbot

Name of the Vulnerable Software and Affected Versions: The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin versions prior to 2.1.0 Description: The issue allows unauthenticated users to obtain the Open AI API Key. This is due to the disclosure of the Open AI API Key in the...

CVE-2024-45989

Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. A prompt injection allows an attacker to modify chatbot answer with an unloaded image that exfiltrates the user's sensitive chat data of the current session to a malicious...

CVE-2024-6845

The Chatbot with ChatGPT WordPress plugin before 2.4.6 does not have proper authorization in one of its REST endpoint, allowing unauthenticated users to retrieve the encoded key and then decode it, thereby leaking the OpenAI API key...

CVE-2024-6845

The Chatbot with ChatGPT WordPress plugin before 2.4.6 does not have proper authorization in one of its REST endpoint, allowing unauthenticated users to retrieve the encoded key and then decode it, thereby leaking the OpenAI API key...

WordPress plugin Chatbot with ChatGPT 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A security vulnerability...

PT-2024-37899

Name of the Vulnerable Software and Affected Versions The Chatbot with ChatGPT WordPress plugin versions prior to 2.4.6 Description The issue is related to a lack of proper authorization in one of the plugin's REST endpoints, allowing unauthenticated users to retrieve an encoded key, which can th...

CVE-2024-6723

The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions...

CVE-2024-6723

The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions...

CVE-2024-6723 AI Engine < 2.4.8 - Admin+ SQLi

The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions...

CVE-2024-6723 AI Engine < 2.4.8 - Admin+ SQLi

The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions...