2 matches found
CVE-2024-13360
CVE-2024-13360 affects the WordPress plugin AI Power: Complete AI Pack (≤ 1.8.96). It is vulnerable to Server-Side Request Forgery via the wpaicg_troubleshoot_add_vector() function, allowing authenticated users with subscriber-level or higher privileges to make web requests from the WordPress ins...
CVE-2024-13360 AI Power: Complete AI Pack <= 1.8.96 - Authenticated (Subscriber+) Server-Side Request Forgery
The AI Power: Complete AI Pack plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.8.96 via the wpaicgtroubleshootaddvector. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web requests to...