211 matches found
EUVD-2024-34800
Malicious code in bioql PyPI...
EUVD-2024-16489
Malicious code in bioql PyPI...
EUVD-2024-26139
Malicious code in bioql PyPI...
EUVD-2025-22507
Malicious code in bioql PyPI...
CVE-2025-8268
The AI Engine plugin for WordPress is vulnerable to unauthorized access and loss of data due to a missing capability check on the restlist and deletefiles functions in all versions up to, and including, 2.9.5. This makes it possible for unauthenticated attackers to list and delete files uploaded ...
CVE-2025-8268
The AI Engine plugin for WordPress is vulnerable to unauthorized access and loss of data due to a missing capability check on the restlist and deletefiles functions in all versions up to, and including, 2.9.5. This makes it possible for unauthenticated attackers to list and delete files uploaded ...
CVE-2025-8268 Ai Engine <= 2.9.5 - Missing Authorization to Unauthenticated Uploaded Files Disclosure And Deletion
The AI Engine plugin for WordPress is vulnerable to unauthorized access and loss of data due to a missing capability check on the restlist and deletefiles functions in all versions up to, and including, 2.9.5. This makes it possible for unauthenticated attackers to list and delete files uploaded ...
CVE-2025-8268 Ai Engine <= 2.9.5 - Missing Authorization to Unauthenticated Uploaded Files Disclosure And Deletion
The AI Engine plugin for WordPress is vulnerable to unauthorized access and loss of data due to a missing capability check on the restlist and deletefiles functions in all versions up to, and including, 2.9.5. This makes it possible for unauthenticated attackers to list and delete files uploaded ...
CVE-2025-8268
The CVE-2025-8268 entry concerns the WordPress AI Engine plugin (versions up to 2.9.5) with a missing capability check in the rest_list and delete_files paths, enabling unauthenticated attackers to list and delete files uploaded by other users. Impact per sources: unauthorized access and data los...
PT-2025-35834
Name of the Vulnerable Software and Affected Versions: AI Engine plugin for WordPress versions up to and including 2.9.5 Description: The AI Engine plugin for WordPress is susceptible to unauthorized access and data loss. This is due to a missing capability check in the rest list and delete files...
WordPress plugin AI Engine 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress AI Engine plugin code execution vulnerability
WordPress AI Engine plugin is a WordPress plugin that integrates artificial intelligence features, providing chatbots, content generation, image generation and other features, supporting docking with OpenAI and other platforms. WordPress AI Engine plugin has a code execution vulnerability that...
CVE-2025-7847
The AI Engine plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the restsimpleFileUpload function in versions 2.9.3 and 2.9.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on...
CVE-2025-7847 AI Engine 2.9.3 - 2.9.4 - Authenticated (Subscriber+) Arbitrary File Upload
The AI Engine plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the restsimpleFileUpload function in versions 2.9.3 and 2.9.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on...
CVE-2025-7847 AI Engine 2.9.3 - 2.9.4 - Authenticated (Subscriber+) Arbitrary File Upload
The AI Engine plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the restsimpleFileUpload function in versions 2.9.3 and 2.9.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on...
CVE-2025-7847
CVE-2025-7847 affects the WordPress AI Engine plugin versions 2.9.3–2.9.4. The issue is due to missing file type validation in the rest_simpleFileUpload() function, allowing authenticated attackers with Subscriber-level access (and above) to upload arbitrary files when REST API is enabled, potent...
WordPress plugin AI Engine 代码问题漏洞
WordPress AI Engine plugin is a WordPress plugin that integrates artificial intelligence features, providing chatbots, content generation, image generation and other features, supporting docking with OpenAI and other platforms. WordPress AI Engine plugin has a code execution vulnerability that...
PT-2025-31474 · WordPress · Ai Engine Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: AI Engine plugin for WordPress versions 2.9.3 and 2.9.4 Description: The AI Engine plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the rest simpleFileUpload function. This allows authenticat...
100,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in AI Engine WordPress Plugin
📢 Calling all Vulnerability Researchers and Bug Bounty Hunters!📢 🌞 Spring into Summer with Wordfence! Now through August 4, 2025, earn 2X bounty rewards forall in-scope submissions from our ‘High Threat’ list in software with fewer than 5 million active installs. Bounties up to $31,200 per...
CVE-2025-7780
The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.4. The simpleTranscribeAudio endpoint fails to restrict URL schemes before calling getaudio. This makes it possible for authenticated attackers, with Subscriber-level acces...