5 matches found
CVE-2024-13882
The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomaticgeneratefeaturedimage' function in all versions up to, and including, 2.3.8. This makes...
CVE-2024-13882
creationtimestamp| type| source ---|---|--- 2025-03-08 08:37:32+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6932 2025-03-08 11:00:23+00:00| seen| https://t.me/cvedetector/19889 2025-03-08 11:48:17+00:00| seen|...
CVE-2024-13882
The CVE-2024-13882 entry for Aiomatic (WordPress plugin) is supported by multiple connected sources indicating a concrete vulnerability: arbitrary file uploads due to missing file-type validation in aiomatic_generate_featured_image in all versions up to 2.3.8, exploitable by authenticated users w...
CVE-2024-13882 Aiomatic - AI Content Writer, Editor, ChatBot & AI Toolkit <= 2.3.8 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Upload
The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomaticgeneratefeaturedimage' function in all versions up to, and including, 2.3.8. This makes...
CVE-2024-13882 Aiomatic - AI Content Writer, Editor, ChatBot & AI Toolkit <= 2.3.8 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Upload
The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomaticgeneratefeaturedimage' function in all versions up to, and including, 2.3.8. This makes...