CVE-2024-7713

The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:ays-pro:chatgpt_assistant:*:*:*:*:free:wordpress:*:*

History

04 Oct 2024, 17:28

Type Values Removed Values Added
First Time Ays-pro
Ays-pro chatgpt Assistant
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
References () https://wpscan.com/vulnerability/061eab97-4a84-4738-a1e8-ef9a1261ff73/ - () https://wpscan.com/vulnerability/061eab97-4a84-4738-a1e8-ef9a1261ff73/ - Third Party Advisory
CPE cpe:2.3:a:ays-pro:chatgpt_assistant:*:*:*:*:free:wordpress:*:*
CWE CWE-319

30 Sep 2024, 12:46

Type Values Removed Values Added
Summary
  • (es) El complemento AI ChatBot con ChatGPT y Content Generator de AYS para WordPress anterior a la versión 2.1.0 revela la clave API de Open AI, lo que permite que los usuarios no autenticados la obtengan

27 Sep 2024, 06:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-27 06:15

Updated : 2024-10-04 17:28


NVD link : CVE-2024-7713

Mitre link : CVE-2024-7713

CVE.ORG link : CVE-2024-7713


JSON object : View

Products Affected

ays-pro

  • chatgpt_assistant
CWE
CWE-319

Cleartext Transmission of Sensitive Information