X Didn’t Fix Grok's ‘Undressing’ Problem. It Just Makes People Pay for It

X is allowing only “verified” users to create images with Grok. Experts say it represents the “monetization of abuse”—and anyone can still generate images on Grok’s app and website...

Grok apologizes for creating image of young girls in “sexualized attire”

Another AI system designed to be powerful and engaging ends up illustrating how guardrails routinely fail when development speed and feature races outrun safety controls. In a post on X, AI chatbot Grok confirmed that it generated an image of young girls in “sexualized attire.” The potential...

WordPress Jobify theme <= 4.2.7 - Missing Authorization to Unauthenticated Server-Side Request Forgery, Arbitrary Image Upload, and Image Generation vulnerability

Missing Authorization to Unauthenticated Server-Side Request Forgery, Arbitrary Image Upload, and Image Generation vulnerability discovered by Lucio Sá in WordPress Theme Jobify versions = 4.2.7...

Exploiting Latent Space Discontinuities for Building Universal LLM Jailbreaks and Data Extraction Attacks

The rapid proliferation of Large Language Models LLMs has raised significant concerns about their security against adversarial attacks. In this work, we propose a novel approach to crafting universal jailbreaks and data extraction attacks by exploiting latent space discontinuities, an architectur...

EUVD-2018-16909

Malware in sbrugna...

EUVD-2024-51722

Malicious code in bioql PyPI...

EUVD-2024-1379

Malicious code in bioql PyPI...

Malicious code in plugin-image-generation (npm)

The package plugin-image-generation was found to contain malicious code...

MAL-2025-29412 Malicious code in plugin-image-generation (npm)

The package plugin-image-generation was found to contain malicious code...

Removing Box-Free Watermarks for Image-To-Image Models Via Query-Based Reverse Engineering

The intellectual property of deep generative networks GNets can be protected using a cascaded hiding network HNet which embeds watermarks or marks into GNet outputs, known as box-free watermarking. Although both GNet and HNet are encapsulated in a black box called operation network, or ONet, with...

Watermarking Autoregressive Image Generation

Watermarking the outputs of generative models has emerged as a promising approach for tracking their provenance. Despite significant interest in autoregressive image generation models and their potential for misuse, no prior work has attempted to watermark their outputs at the token level. In thi...

Rethinking Machine Unlearning in Image Generation Models

With the surge and widespread application of image generation models, data privacy and content safety have become major concerns and attracted great attention from users, service providers, and policymakers. Machine unlearning MU is recognized as a cost-effective and promising means to address...

CVE-2024-13698

The Jobify - Job Board WordPress Theme for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'downloadimageviaai' and 'generateimageviaai' functions in all versions up to, and including, 4.2.7. This makes it possible for unauthenticat...

CVE-2021-37557

A SQL injection vulnerability in image generation in Centreon before 20.04.14, 20.10.8, and 21.04.2 allows remote authenticated but low-privileged attackers to execute arbitrary SQL commands via the include/views/graphs/generateGraphs/generateImage.php index parameter...

CVE-2024-13698

The Jobify - Job Board WordPress Theme for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'downloadimageviaai' and 'generateimageviaai' functions in all versions up to, and including, 4.2.7. This makes it possible for unauthenticat...

CVE-2024-13698

The Jobify - Job Board WordPress Theme for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'downloadimageviaai' and 'generateimageviaai' functions in all versions up to, and including, 4.2.7. This makes it possible for unauthenticat...

CVE-2024-13698

CVE-2024-13698 affects the Jobify – Job Board WordPress Theme (

CVE-2024-13698 Jobify - Job Board WordPress Theme <= 4.2.7 - Missing Authorization to Unauthenticated Server-Side Request Forgery, Arbitrary Image Upload, and Image Generation

The Jobify - Job Board WordPress Theme for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'downloadimageviaai' and 'generateimageviaai' functions in all versions up to, and including, 4.2.7. This makes it possible for unauthenticat...

CVE-2024-13698 Jobify - Job Board WordPress Theme <= 4.2.7 - Missing Authorization to Unauthenticated Server-Side Request Forgery, Arbitrary Image Upload, and Image Generation

The Jobify - Job Board WordPress Theme for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'downloadimageviaai' and 'generateimageviaai' functions in all versions up to, and including, 4.2.7. This makes it possible for unauthenticat...

PT-2025-2247 · WordPress · Jobify

Name of the Vulnerable Software and Affected Versions: Jobify - Job Board WordPress Theme for WordPress versions up to, and including, 4.2.7 Description: The issue concerns unauthorized access and modification of data due to a missing capability check in the download image via ai and generate ima...