Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/29 9:24 a.m.10 views

CVE-2026-1400

The AI Engine – The Chatbot and AI Framework for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the resthelpersupdatemediametadata function in all versions up to, and including, 3.3.2. This makes it possible for authenticated attacker...

7.2CVSS6.5AI score0.00667EPSS
Exploits0References1
NVD
NVD
added 2026/01/28 9:15 a.m.6 views

CVE-2026-1400

The AI Engine – The Chatbot and AI Framework for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the resthelpersupdatemediametadata function in all versions up to, and including, 3.3.2. This makes it possible for authenticated attacker...

7.2CVSS0.00667EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/28 8:26 a.m.5 views

CVE-2026-1400

The AI Engine – The Chatbot and AI Framework for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the resthelpersupdatemediametadata function in all versions up to, and including, 3.3.2. This makes it possible for authenticated attacker...

7.2CVSS6.5AI score0.00667EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/28 8:26 a.m.12 views

EUVD-2026-4890

The AI Engine – The Chatbot and AI Framework for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the resthelpersupdatemediametadata function in all versions up to, and including, 3.3.2. This makes it possible for authenticated attacker...

7.2CVSS6.5AI score0.00667EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/28 8:26 a.m.4 views

CVE-2026-1400 AI Engine <= 3.3.2 - Authenticated (Editor+) Arbitrary File Upload via 'filename' Parameter in update_media_metadata Endpoint

The AI Engine – The Chatbot and AI Framework for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the resthelpersupdatemediametadata function in all versions up to, and including, 3.3.2. This makes it possible for authenticated attacker...

7.2CVSS6.5AI score0.00667EPSS
Exploits0References4
CVE
CVE
added 2026/01/28 8:26 a.m.17 views

CVE-2026-1400

CVE-2026-1400 – AI Engine (WordPress) Arbitrary File Upload Summary: The AI Engine – The Chatbot and AI Framework for WordPress plugin is vulnerable to arbitrary file uploads due to missing file type validation in rest_helpers_update_media_metadata. Affected versions are up to 3.3.2. What’s vulne...

7.2CVSS6.5AI score0.00667EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/28 8:26 a.m.30 views

CVE-2026-1400 AI Engine <= 3.3.2 - Authenticated (Editor+) Arbitrary File Upload via 'filename' Parameter in update_media_metadata Endpoint

The AI Engine – The Chatbot and AI Framework for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the resthelpersupdatemediametadata function in all versions up to, and including, 3.3.2. This makes it possible for authenticated attacker...

7.2CVSS0.00667EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/28 12:0 a.m.10 views

PT-2026-5083

The AI Engine – The Chatbot and AI Framework for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the rest helpers update media metadata function in all versions up to, and including, 3.3.2. This makes it possible for authenticated...

7.2CVSS6.5AI score0.00667EPSS
Exploits0References5
Rows per page
Query Builder