WordPress AIomatic - Automatic AI Content Writer plugin <= 2.0.5 - Unauthenticated Arbitrary Email Sending vulnerability

WordPress AIomatic - Automatic AI Content Writer plugin = 2.0.5 - Unauthenticated Arbitrary Email Sending vulnerability discovered by István Márton - Wordfence in WordPress Plugin Aiomatic versions = 2.0.5...

EUVD-2024-54178

Malicious code in bioql PyPI...

EUVD-2024-54190

Malicious code in bioql PyPI...

EUVD-2024-47091

Malicious code in bioql PyPI...

CVE-2025-6206

The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomaticimageeditorajaxsubmit' function in all versions up to, and including, 2.5.0. This makes...

CVE-2025-6206

The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomaticimageeditorajaxsubmit' function in all versions up to, and including, 2.5.0. This makes...

CVE-2025-6206 Aiomatic - AI Content Writer, Editor, ChatBot & AI Toolkit <= 2.5.0 - Authenticated (Subscriber+) Arbitrary File Upload

The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomaticimageeditorajaxsubmit' function in all versions up to, and including, 2.5.0. This makes...

PT-2025-26712 · WordPress · The Aiomatic

Name of the Vulnerable Software and Affected Versions: The Aiomatic - Automatic AI Content Writer & Editor plugin for WordPress versions up to, and including, 2.5.0 Description: The issue allows for arbitrary file uploads due to missing file type validation in the aiomatic image editor ajax submi...

WordPress Aiomatic plugin <= 2.5.0 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability

Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by khanhhnahk1 in WordPress Plugin Aiomatic versions = 2.5.0...

CVE-2024-13882

The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomaticgeneratefeaturedimage' function in all versions up to, and including, 2.3.8. This makes...

CVE-2024-13816

The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability checks on multiple functions in all versions up to, and including, 2.3.6. This mak...

CVE-2024-13882

The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomaticgeneratefeaturedimage' function in all versions up to, and including, 2.3.8. This makes...

CVE-2024-13816

The CVE-2024-13816 entry covers Aiomatic – Automatic AI Content Writer & Editor (WordPress plugin) with vulnerable versions up to 2.3.6, where missing capability checks allow authenticated users with Subscriber-level access and above to perform multiple administrator actions (update/delete posts,...

CVE-2024-13882 Aiomatic - AI Content Writer, Editor, ChatBot & AI Toolkit <= 2.3.8 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Upload

The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomaticgeneratefeaturedimage' function in all versions up to, and including, 2.3.8. This makes...

CVE-2024-13816 Aiomatic - AI Content Writer, Editor, ChatBot & AI Toolkit <= 2.3.6 - Missing Authorization to Authenticated (Subscriber+) Multiple Administrator Actions

The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability checks on multiple functions in all versions up to, and including, 2.3.6. This mak...

CVE-2024-13882

The CVE-2024-13882 entry for Aiomatic (WordPress plugin) is supported by multiple connected sources indicating a concrete vulnerability: arbitrary file uploads due to missing file-type validation in aiomatic_generate_featured_image in all versions up to 2.3.8, exploitable by authenticated users w...

CVE-2024-13816 Aiomatic - AI Content Writer, Editor, ChatBot & AI Toolkit <= 2.3.6 - Missing Authorization to Authenticated (Subscriber+) Multiple Administrator Actions

The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability checks on multiple functions in all versions up to, and including, 2.3.6. This mak...

CVE-2024-13882 Aiomatic - AI Content Writer, Editor, ChatBot & AI Toolkit <= 2.3.8 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Upload

The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomaticgeneratefeaturedimage' function in all versions up to, and including, 2.3.8. This makes...

PT-2025-10421 · WordPress · The Aiomatic

Name of the Vulnerable Software and Affected Versions: The Aiomatic - Automatic AI Content Writer & Editor plugin for WordPress versions up to, and including, 2.3.8 Description: The issue is related to arbitrary file uploads due to missing file type validation in the aiomatic generate featured...

WordPress plugin Aiomatic - AI Content Writer, Editor, ChatBot & AI Toolkit 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...