AI Engine

Information

Software Type Plugin
Software Slug ai-engine (view on wordpress.org)
Software Status Active
Software Author tigroumeow
Software Website wordpress.org
Software Downloads 3,414,632
Software Active Installs 80,000
Software Record Last Updated November 21, 2024

9 Vulnerabilities

Title Status CVE ID CVSS Researchers Date
AI Engine: ChatGPT Chatbot <= 1.9.98 - Unauthenticated Arbitrary File Upload via rest_upload Patched CVE-2023-51409 9.8 Rafie Muhammad January 9, 2024
AI Engine: ChatGPT Chatbot <= 2.2.63 - Authenticated (Editor+) Arbitrary File Upload Patched CVE-2024-34440 9.1 stealthcopter May 7, 2024
AI Engine <= 2.5.0 - Authenticated (Admin+) Remote Code Execution Patched CVE-2024-6451 7.2 Karolis Narvilas July 29, 2024
AI Engine <= 2.1.4 - Authenticated(Editor+) Arbitrary File Upload via add_image_from_url Patched CVE-2024-0699 6.6 rootxsudip January 18, 2024
AI Engine <= 2.2.0 - Unauthenticated Stored Cross-Site Scripting Patched CVE-2024-0378 6.5 rootxsudip March 1, 2024
AI Engine <= 2.4.7 - Authenticated (Subscriber+) Server-Side Request Forgery Patched CVE-2024-38791 6.4 Yuchen Ji July 22, 2024
AI Engine <= 2.1.4 - Authenticated (Editor+) Server-Side Request Forgery Patched CVE-2024-29090 6.4 Rafie Muhammad March 26, 2024
AI Engine <= 2.4.7 - Authenticated (Admin+) SQL Injection Patched CVE-2024-6723 4.9 Karolis Narvilas August 22, 2024
AI Engine: ChatGPT Chatbot, Content Generator, GPT 3 & 4, Ultra-Customizable <= 1.6.82 - Authenticated (Admin+) Stored Cross-Site Scripting Patched CVE-2023-2580 4.4 Felipe Restrepo Rodriguez (pfelilpe) May 19, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation