4 matches found
CVE-2025-6206
The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomaticimageeditorajaxsubmit' function in all versions up to, and including, 2.5.0. This makes...
CVE-2025-6206
The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomaticimageeditorajaxsubmit' function in all versions up to, and including, 2.5.0. This makes...
CVE-2025-6206
CVE-2025-6206 concerns the WordPress plugin Aiomatic - AI Content Writer & Editor (versions up to 2.5.0). The issue is an arbitrary file upload flaw caused by missing file-type validation in the aiomatic_image_editor_ajax_submit function. It requires an authenticated user with Subscriber+ privile...
WordPress Aiomatic plugin <= 2.5.0 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability
Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by khanhhnahk1 in WordPress Plugin Aiomatic versions = 2.5.0...