PT-2024-37280 · WordPress · The Aiomatic

Name of the Vulnerable Software and Affected Versions: The AIomatic - Automatic AI Content Writer for WordPress versions up to, and including, 2.0.5 Description: The issue is due to insufficient limitations on the email recipient and the content in the aiomatic send email function, which are...

Claim can only be created for a recipient once

Lines of code Vulnerability details Claim can only be created for a recipient once The function creating claims, createClaimUnchecked, has the hasNoClaim modifier, that is defined as opposite hasActiveClaim, meaning it reverts if there is an active claim for a user. It reverts if...