Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total5
Critical0
High2
Medium3
Reset
Showing 1-5 of 5 records
Threat Entry Updated 2026-03-03

CVE-2026-1336 - Ai Chatbot With Chatgpt And Content Generator By Ays Plugin

The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on the store_data() and get_chatgpt_api_key() functions in all versions up to, and including, 2.7.5. This makes it possible for unauthenticated attackers to view, modify or delete the plugin's ChatGPT API key. The vulnerability was partially fixed in version 2.7.5 and fully fixed in version 2.7.6

PLUGIN Ai Chatbot With Chatgpt And Content Generator By Ays

CVE-2026-1336

MEDIUM CVSS 5.3 2026-03-03
Open Full Technical Breakdown
Threat Entry Updated 2025-12-01

CVE-2025-13381 - Ai Chatbot With Chatgpt And Content Generator By Ays Plugin

The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'ays_chatgpt_save_wp_media' function in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to upload media files.

PLUGIN Ai Chatbot With Chatgpt And Content Generator By Ays

CVE-2025-13381

MEDIUM CVSS 5.3 2025-11-27
Open Full Technical Breakdown
Threat Entry Updated 2025-12-01

CVE-2025-13378 - Ai Chatbot With Chatgpt And Content Generator By Ays Plugin

The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.0 via the ays_chatgpt_pinecone_upsert function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

PLUGIN Ai Chatbot With Chatgpt And Content Generator By Ays

CVE-2025-13378

MEDIUM CVSS 6.5 2025-11-27
Open Full Technical Breakdown
Threat Entry Updated 2024-10-07

CVE-2024-7714 - Ai Chatbot With Chatgpt And Content Generator By Ays Plugin

The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks sufficient access controls allowing an unauthenticated user to disconnect the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 from OpenAI, thereby disabling the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0. Multiple actions are accessible: 'ays_chatgpt_disconnect', 'ays_chatgpt_connect', and 'ays_chatgpt_save_feedback'

PLUGIN Ai Chatbot With Chatgpt And Content Generator By Ays

CVE-2024-7714

HIGH CVSS 7.5 2024-09-27
Open Full Technical Breakdown
Scroll to top