Lucene search
K

4 matches found

CVE
CVE
added 2023/02/13 2:32 p.m.114 views

CVE-2023-0405

The CVE-2023-0405 entry concerns the WordPress plugin “GPT AI Power: Content Writer & ChatGPT & Image Generator & WooCommerce Product Writer & AI Training” (pre-1.4.38). A root cause is that the plugin does not perform nonce or privilege checks, allowing logged-in users (e.g., subscribers) to mod...

5.4CVSS4.8AI score0.00512EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/13 2:32 p.m.5 views

CVE-2023-0405 GPT3 AI Content Writer < 1.4.38 - Subscriber+ Arbitrary Post Content Update

The GPT AI Power: Content Writer & ChatGPT & Image Generator & WooCommerce Product Writer & AI Training WordPress plugin before 1.4.38 does not perform any kind of nonce or privilege checks before letting logged-in users modify arbitrary posts...

5.2AI score0.00512EPSS
Exploits2References1
Patchstack
Patchstack
added 2023/01/20 12:0 a.m.16 views

WordPress GPT3 AI Content Writer Plugin < 1.4.38 is vulnerable to Content Injection

Software GPT3 AI Content Writer Type Plugin Vulnerable versions 1.4.38 Fixed in 1.4.38 OWASP Top 10 A1: Injection Classification Content Injection CVE CVE-2023-0405 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 868b79c31d14 Credits Lana Codes Required privilege...

5.4CVSS6.8AI score0.00512EPSS
Exploits2References4Affected Software1
Patchstack
Patchstack
added 2023/01/19 12:0 a.m.10 views

WordPress GPT3 AI Content Writer Plugin < 1.4.38 is vulnerable to Broken Access Control

Software GPT3 AI Content Writer Type Plugin Vulnerable versions 1.4.38 Fixed in 1.4.38 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0405 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID b166ac0894d6 Credits István Márton...

5.4CVSS6.8AI score0.00512EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder