The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks sufficient access controls allowing an unauthenticated user to disconnect the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 from OpenAI, thereby disabling the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0. Multiple actions are accessible: 'ays_chatgpt_disconnect', 'ays_chatgpt_connect', and 'ays_chatgpt_save_feedback'
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/04447c76-a61b-4091-a510-c76fc8ca5664/ | Exploit Third Party Advisory |
Configurations
History
07 Oct 2024, 14:21
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:ays-pro:chatgpt_assistant:*:*:*:*:free:wordpress:*:* | |
First Time |
Ays-pro
Ays-pro chatgpt Assistant |
|
CWE | NVD-CWE-noinfo | |
References | () https://wpscan.com/vulnerability/04447c76-a61b-4091-a510-c76fc8ca5664/ - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
27 Sep 2024, 17:35
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
27 Sep 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-27 06:15
Updated : 2024-10-07 14:21
NVD link : CVE-2024-7714
Mitre link : CVE-2024-7714
CVE.ORG link : CVE-2024-7714
JSON object : View
Products Affected
ays-pro
- chatgpt_assistant
CWE