PatchstackVULNRICHMENT:CVE-2023-51528CVE-2023-51528 WordPress GPT3 AI Content Writer Plugin <= 1.8.12 is vulnerable to Cross Site Request Forgery (CSRF)
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
AI Score
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Cross-Site Request Forgery (CSRF) vulnerability in Senol Sahin AI Power: Complete AI Pack – Powered by GPT-4.This issue affects AI Power: Complete AI Pack – Powered by GPT-4: from n/a through 1.8.12.
CNA Affected
[
{
"vendor": "Senol Sahin",
"product": "AI Power: Complete AI Pack – Powered by GPT-4",
"versions": [
{
"status": "affected",
"changes": [
{
"at": "1.8.13",
"status": "unaffected"
}
],
"version": "n/a",
"versionType": "custom",
"lessThanOrEqual": "1.8.12"
}
],
"packageName": "gpt3-ai-content-generator",
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected"
}
]Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
AI Score
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial