90 matches found
CVE-2024-12606 AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) <= 2.5 - Missing Authorization to Authenticated (Subscriber+) Settings Update
The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT GPT-4o 128K plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the enginerequestdata function in all versions up...
WordPress plugin AI Scribe 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2025-1862 · WordPress · Ai Scribe
Name of the Vulnerable Software and Affected Versions: AI Scribe plugin for WordPress versions up to, and including, 2.3 Description: The issue is related to SQL Injection via the template id parameter of the article builder generate data shortcode. This is due to insufficient escaping on the...
WordPress plugin AI Scribe SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin AI...
PT-2025-1911 · WordPress · The Ai Scribe
Name of the Vulnerable Software and Affected Versions: The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT GPT-4o 128K plugin for WordPress versions up to, and including, 2.3 Description: The issue is related to unauthorize...
WordPress AI Scribe plugin <= 2.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin AI Scribe versions = 2.5...
WordPress AI Scribe plugin <= 2.5 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Peter Thaleikis in WordPress Plugin AI Scribe versions = 2.5...
CVE-2024-12605
The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT GPT-4o 128K plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5. This is due to missing or incorrect nonce validatio...
CVE-2024-12605 AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) <= 2.5 - Cross-Site Request Forgery to Settings Update
The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT GPT-4o 128K plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5. This is due to missing or incorrect nonce validatio...
CVE-2024-12605
CVE-2024-12605 affects the AI Scribe WordPress plugin (up to version 2.3). The vulnerability is CSRF due to missing or incorrect nonce validation on al_scribe_content_data actions, enabling unauthenticated attackers to update plugin settings by tricking an admin. The Red Hat/Wordfence documentati...
CVE-2024-12605 AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) <= 2.5 - Cross-Site Request Forgery to Settings Update
The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT GPT-4o 128K plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5. This is due to missing or incorrect nonce validatio...
WordPress plugin AI Scribe 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress AI Scribe plugin <= 2.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das in WordPress Plugin AI Scribe versions = 2.5...
Scribe Platform: End-to-end Software Supply Chain Security
As software supply chain security becomes more and more crucial, security, DevSecOps, and DevOps teams are more challenged than ever to build transparent trust in the software they deliver or use. In fact, in Gartner recently published their 2022 cybersecurity predictions - not only do they...
scribe-plugin-sanitizer (>=0.1.4 <=0.1.9) potentially affected by CVE-2017-0931 via html-janitor (>=0.2.0 <=1.1.0)
html-janitor NPM version =0.2.0, =0.1.4, =0.1.9 Source cves: CVE-2017-0931 Source advisory: OSV:GHSA-HFJ4-96F7-6R5G...
Scribe <= 0.2 - Remote PHP Code Execution Vulnerability
No description provided by source. --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org...
Scribe <= 0.2 (index.php page) Local File Inclusion Vulnerability
No description provided by source. scribe 0.2 local file inclusion vulnerability download http://sourceforge.net/projects/scribe/ author muuratsalo contact muuratsaloatgmail.com exploit http://localhost/0.2/index.php?page=../../../../../../../../../../etc/passwd%00 milw0rm.com 2008-02-14...
Digital Scribe 1.4.1 - Multiple SQL Injection Vulnerabilities
No description provided by source. Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities Name Digital Scribe Vendor http://www.digital-scribe.org Versions Affected 1.4.1 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Da...
Digital Scribe 1.4 Login SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14843/info Digital Scribe is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation cou...
Digital Scribe 1.x Error Function Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8551/info A problem has been reported in the checking of input by Digital Scribe, potentially allow for cross-site scripting attacks. Because of this, it may be possible for an attacker to steal cookie authentication...