CVE-2024-0451 AI ChatBot <= 5.3.4 - Missing Authorization via openai_file_list_callback
The AI ChatBot plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the openaifilelistcallback function in all versions up to, and including, 5.3.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to lis...