CVE-2026-0746

The AI Engine plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.3.2 via the 'getaudio' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations...

CVE-2026-0746

CVE-2026-0746 : The WordPress AI Engine plugin (

CVE-2026-0746 AI Engine <= 3.3.2 - Authenticated (Subscriber+) Server-Side Request Forgery

The AI Engine plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.3.2 via the 'getaudio' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations...

CVE-2026-0746

The AI Engine plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.3.2 via the 'getaudio' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations...

WordPress Plugin AI Engine code vulnerability

WordPress Plugin AI Engine is a plugin developed by the WordPress Foundation. It can be used to build intelligent chatbots, create AI forms, and automate tasks. Versions of WordPress Plugin AI Engine prior to 3.3.2 have code vulnerabilities due to a server-side request forgeing issue in the...

UBUNTU-CVE-2017-15046

LAME 3.99.5, 3.99.4, 3.98.4, 3.98.2, 3.98 and 3.97 have a stack-based buffer overflow in unpackreadsamples in frontend/getaudio.c, a different vulnerability than CVE-2017-9412...

ALPINE-CVE-2017-9412

The unpackreadsamples function in frontend/getaudio.c in LAME 3.99.5 allows remote attackers to cause a denial of service invalid memory read and application crash via a crafted wav file...