7.5
CVE-2024-7713
- EPSS 0.3%
- Veröffentlicht 27.09.2024 06:15:11
- Zuletzt bearbeitet 18.03.2025 20:15:24
- Quelle contact@wpscan.com
- CVE-Watchlists
- Unerledigt
LoginAI Chatbot with ChatGPT by AYS <= 2.0.9 - Unauthenticated OpenAI Key Disclosure
AI ChatBot with ChatGPT and Content Generator by AYS <= 2.0.9 - Unauthenticated OpenAI Key Exposure
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it
Mögliche Gegenmaßnahme
AI ChatBot with ChatGPT and Content Generator by AYS: Update to version 2.1.0, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ays-pro ≫ Chatgpt Assistant SwEditionfree SwPlatformwordpress Version < 2.1.0
Weitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
AI ChatBot with ChatGPT and Content Generator by AYS
Version
*-2.0.9
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.3% | 0.215 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-319 Cleartext Transmission of Sensitive Information
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
https://wpscan.com/vulnerability/061eab97-4a84-4738-a1e8-ef9a1261ff73/
https://www.wordfence.com/threat-intel/vulnerabilities/id/eb38024c-880d-4d22-b81a-412d46183e1b