Lucene search
K

90 matches found

Cvelist
Cvelist
added 2025/01/10 3:21 a.m.19 views

CVE-2024-12606 AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) <= 2.5 - Missing Authorization to Authenticated (Subscriber+) Settings Update

The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT GPT-4o 128K plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the enginerequestdata function in all versions up...

4.3CVSS0.00293EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/01/10 12:0 a.m.5 views

WordPress plugin AI Scribe 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.3CVSS8AI score0.00293EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/10 12:0 a.m.4 views

PT-2025-1862 · WordPress · Ai Scribe

Name of the Vulnerable Software and Affected Versions: AI Scribe plugin for WordPress versions up to, and including, 2.3 Description: The issue is related to SQL Injection via the template id parameter of the article builder generate data shortcode. This is due to insufficient escaping on the...

6.5CVSS7.8AI score0.00492EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/01/10 12:0 a.m.4 views

WordPress plugin AI Scribe SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin AI...

6.5CVSS8.8AI score0.00492EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/10 12:0 a.m.7 views

PT-2025-1911 · WordPress · The Ai Scribe

Name of the Vulnerable Software and Affected Versions: The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT GPT-4o 128K plugin for WordPress versions up to, and including, 2.3 Description: The issue is related to unauthorize...

4.3CVSS7AI score0.00293EPSS
Exploits0References7
Patchstack
Patchstack
added 2025/01/09 3:57 p.m.7 views

WordPress AI Scribe plugin <= 2.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin AI Scribe versions = 2.5...

4.3CVSS7AI score0.00293EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/01/09 3:7 p.m.5 views

WordPress AI Scribe plugin <= 2.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Peter Thaleikis in WordPress Plugin AI Scribe versions = 2.5...

6.5CVSS8.1AI score0.00492EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/01/09 11:15 a.m.13 views

CVE-2024-12605

The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT GPT-4o 128K plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5. This is due to missing or incorrect nonce validatio...

4.3CVSS0.00198EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/01/09 11:10 a.m.7 views

CVE-2024-12605 AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) <= 2.5 - Cross-Site Request Forgery to Settings Update

The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT GPT-4o 128K plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5. This is due to missing or incorrect nonce validatio...

4.3CVSS7.2AI score0.00198EPSS
Exploits0References3
CVE
CVE
added 2025/01/09 11:10 a.m.44 views

CVE-2024-12605

CVE-2024-12605 affects the AI Scribe WordPress plugin (up to version 2.3). The vulnerability is CSRF due to missing or incorrect nonce validation on al_scribe_content_data actions, enabling unauthenticated attackers to update plugin settings by tricking an admin. The Red Hat/Wordfence documentati...

4.3CVSS7.2AI score0.00198EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/09 11:10 a.m.14 views

CVE-2024-12605 AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) <= 2.5 - Cross-Site Request Forgery to Settings Update

The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT GPT-4o 128K plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5. This is due to missing or incorrect nonce validatio...

4.3CVSS0.00198EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/01/09 12:0 a.m.3 views

WordPress plugin AI Scribe 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.3CVSS8.4AI score0.00198EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/08 10:59 p.m.4 views

WordPress AI Scribe plugin <= 2.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das in WordPress Plugin AI Scribe versions = 2.5...

4.3CVSS7AI score0.00198EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2022/10/12 2:28 p.m.31 views

Scribe Platform: End-to-end Software Supply Chain Security

As software supply chain security becomes more and more crucial, security, DevSecOps, and DevOps teams are more challenged than ever to build transparent trust in the software they deliver or use. In fact, in Gartner recently published their 2022 cybersecurity predictions - not only do they...

7.6AI score
Exploits0
vulnersOsv
vulnersOsv
added 2018/11/09 5:49 p.m.5 views

scribe-plugin-sanitizer (>=0.1.4 <=0.1.9) potentially affected by CVE-2017-0931 via html-janitor (>=0.2.0 <=1.1.0)

html-janitor NPM version =0.2.0, =0.1.4, =0.1.9 Source cves: CVE-2017-0931 Source advisory: OSV:GHSA-HFJ4-96F7-6R5G...

6.1CVSS6.3AI score0.01063EPSS
Exploits1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Scribe <= 0.2 - Remote PHP Code Execution Vulnerability

No description provided by source. --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Scribe <= 0.2 (index.php page) Local File Inclusion Vulnerability

No description provided by source. scribe 0.2 local file inclusion vulnerability download http://sourceforge.net/projects/scribe/ author muuratsalo contact muuratsaloatgmail.com exploit http://localhost/0.2/index.php?page=../../../../../../../../../../etc/passwd%00 milw0rm.com 2008-02-14...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.31 views

Digital Scribe 1.4.1 - Multiple SQL Injection Vulnerabilities

No description provided by source. Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities Name Digital Scribe Vendor http://www.digital-scribe.org Versions Affected 1.4.1 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Da...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

Digital Scribe 1.4 Login SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14843/info Digital Scribe is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation cou...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Digital Scribe 1.x Error Function Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8551/info A problem has been reported in the checking of input by Digital Scribe, potentially allow for cross-site scripting attacks. Because of this, it may be possible for an attacker to steal cookie authentication...

7.1AI score
Exploits0
Rows per page
Query Builder