Lucene search
K

211 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-34800

Malicious code in bioql PyPI...

9.1CVSS6.4AI score0.00824EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-16489

Malicious code in bioql PyPI...

7.2CVSS7.6AI score0.01211EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-26139

Malicious code in bioql PyPI...

9.1CVSS6.5AI score0.00644EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-22507

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00505EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/09/05 9:31 p.m.5 views

CVE-2025-8268

The AI Engine plugin for WordPress is vulnerable to unauthorized access and loss of data due to a missing capability check on the restlist and deletefiles functions in all versions up to, and including, 2.9.5. This makes it possible for unauthenticated attackers to list and delete files uploaded ...

6.5CVSS5.5AI score0.00252EPSS
Exploits0References1
NVD
NVD
added 2025/09/03 9:15 p.m.8 views

CVE-2025-8268

The AI Engine plugin for WordPress is vulnerable to unauthorized access and loss of data due to a missing capability check on the restlist and deletefiles functions in all versions up to, and including, 2.9.5. This makes it possible for unauthenticated attackers to list and delete files uploaded ...

6.5CVSS0.00252EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/09/03 8:24 p.m.2 views

CVE-2025-8268 Ai Engine <= 2.9.5 - Missing Authorization to Unauthenticated Uploaded Files Disclosure And Deletion

The AI Engine plugin for WordPress is vulnerable to unauthorized access and loss of data due to a missing capability check on the restlist and deletefiles functions in all versions up to, and including, 2.9.5. This makes it possible for unauthenticated attackers to list and delete files uploaded ...

6.5CVSS4.9AI score0.00252EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/09/03 8:24 p.m.10 views

CVE-2025-8268 Ai Engine <= 2.9.5 - Missing Authorization to Unauthenticated Uploaded Files Disclosure And Deletion

The AI Engine plugin for WordPress is vulnerable to unauthorized access and loss of data due to a missing capability check on the restlist and deletefiles functions in all versions up to, and including, 2.9.5. This makes it possible for unauthenticated attackers to list and delete files uploaded ...

6.5CVSS0.00252EPSS
Exploits0References4
CVE
CVE
added 2025/09/03 8:24 p.m.20 views

CVE-2025-8268

The CVE-2025-8268 entry concerns the WordPress AI Engine plugin (versions up to 2.9.5) with a missing capability check in the rest_list and delete_files paths, enabling unauthenticated attackers to list and delete files uploaded by other users. Impact per sources: unauthorized access and data los...

6.5CVSS4.9AI score0.00252EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/03 12:0 a.m.5 views

PT-2025-35834

Name of the Vulnerable Software and Affected Versions: AI Engine plugin for WordPress versions up to and including 2.9.5 Description: The AI Engine plugin for WordPress is susceptible to unauthorized access and data loss. This is due to a missing capability check in the rest list and delete files...

6.5CVSS5.6AI score0.00252EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/09/03 12:0 a.m.5 views

WordPress plugin AI Engine 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.5CVSS6.4AI score0.00252EPSS
Exploits0References4
CNVD
CNVD
added 2025/08/10 12:0 a.m.8 views

WordPress AI Engine plugin code execution vulnerability

WordPress AI Engine plugin is a WordPress plugin that integrates artificial intelligence features, providing chatbots, content generation, image generation and other features, supporting docking with OpenAI and other platforms. WordPress AI Engine plugin has a code execution vulnerability that...

8.8CVSS8.5AI score0.01057EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/08/02 8:23 p.m.10 views

CVE-2025-7847

The AI Engine plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the restsimpleFileUpload function in versions 2.9.3 and 2.9.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on...

8.8CVSS7.2AI score0.01057EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/07/31 4:26 a.m.8 views

CVE-2025-7847 AI Engine 2.9.3 - 2.9.4 - Authenticated (Subscriber+) Arbitrary File Upload

The AI Engine plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the restsimpleFileUpload function in versions 2.9.3 and 2.9.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on...

8.8CVSS7.6AI score0.01057EPSS
Exploits2References5
Cvelist
Cvelist
added 2025/07/31 4:26 a.m.18 views

CVE-2025-7847 AI Engine 2.9.3 - 2.9.4 - Authenticated (Subscriber+) Arbitrary File Upload

The AI Engine plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the restsimpleFileUpload function in versions 2.9.3 and 2.9.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on...

8.8CVSS0.01057EPSS
Exploits2References5
CVE
CVE
added 2025/07/31 4:26 a.m.36 views

CVE-2025-7847

CVE-2025-7847 affects the WordPress AI Engine plugin versions 2.9.3–2.9.4. The issue is due to missing file type validation in the rest_simpleFileUpload() function, allowing authenticated attackers with Subscriber-level access (and above) to upload arbitrary files when REST API is enabled, potent...

8.8CVSS8AI score0.01057EPSS
Exploits2References5
CNNVD
CNNVD
added 2025/07/31 12:0 a.m.8 views

WordPress plugin AI Engine 代码问题漏洞

WordPress AI Engine plugin is a WordPress plugin that integrates artificial intelligence features, providing chatbots, content generation, image generation and other features, supporting docking with OpenAI and other platforms. WordPress AI Engine plugin has a code execution vulnerability that...

8.8CVSS8.4AI score0.01057EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.21 views

PT-2025-31474 · WordPress · Ai Engine Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: AI Engine plugin for WordPress versions 2.9.3 and 2.9.4 Description: The AI Engine plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the rest simpleFileUpload function. This allows authenticat...

8.8CVSS6.9AI score0.01057EPSS
Exploits2References14
Wordfence Blog
Wordfence Blog
added 2025/07/30 4:14 p.m.15 views

100,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in AI Engine WordPress Plugin

📢 Calling all Vulnerability Researchers and Bug Bounty Hunters!📢 🌞 Spring into Summer with Wordfence! Now through August 4, 2025, earn 2X bounty rewards forall in-scope submissions from our ‘High Threat’ list in software with fewer than 5 million active installs. Bounties up to $31,200 per...

8.8CVSS8.2AI score0.01057EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/07/26 9:35 a.m.19 views

CVE-2025-7780

The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.4. The simpleTranscribeAudio endpoint fails to restrict URL schemes before calling getaudio. This makes it possible for authenticated attackers, with Subscriber-level acces...

6.5CVSS6.8AI score0.00505EPSS
Exploits0References1
Rows per page
Query Builder