PT-2025-2132 · WordPress · Ai Power: Complete Ai Pack

Name of the Vulnerable Software and Affected Versions: AI Power: Complete AI Pack plugin for WordPress versions up to, and including, 1.8.96 Description: The issue allows authenticated attackers with subscriber-level access and above to make web requests to arbitrary locations originating from th...

WordPress AI Power: Complete AI Pack plugin <= 1.8.96 - Authenticated (Subscriber+) Server-Side Request Forgery vulnerability

Authenticated Subscriber+ Server-Side Request Forgery vulnerability discovered by shaman0x01 in WordPress Plugin GPT3 AI Content Writer versions = 1.8.96...

WordPress AI Power: Complete AI Pack plugin <= 1.8.96 - Authenticated (Admin+) PHP Object Injection vulnerability

Authenticated Admin+ PHP Object Injection vulnerability discovered by Tran Anh Duc in WordPress Plugin GPT3 AI Content Writer versions = 1.8.96...

Vulnerability of the handle_imageUpload() function in the plugin for creating customizable content based on artificial intelligence (AI): The Complete AI Pack from the WordPress content management system allows attackers to execute arbitrary code.

Vulnerability of the handleimageUpload function in the plugin for creating customizable content based on artificial intelligence AI: The Complete AI Pack of the WordPress content management system is associated with unlimited uploading of dangerous types of files. Exploiting this vulnerability...

CVE-2023-51528

Cross-Site Request Forgery CSRF vulnerability in Senol Sahin AI Power: Complete AI Pack – Powered by GPT-4.This issue affects AI Power: Complete AI Pack – Powered by GPT-4: from n/a through 1.8.12...

CVE-2023-51527

CVE-2023-51527 describes an Exposure of Sensitive Information to an Unauthorized Actor in the plugin AI Power: Complete AI Pack – Powered by GPT-4 . Reports indicate the vulnerability affects versions up to 1.8.2 and allows an unauthorized actor to access sensitive data. Related connected records...