cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-7714,https://securityvulnerability.io/vulnerability/CVE-2024-7714,Unauthorized Access to ChatGPT and Content Generator Plugin,"The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin prior to version 2.1.0 has significant access control deficiencies. An unauthenticated user can exploit these weaknesses to perform various actions, including disconnecting the plugin from the OpenAI service. This can result in the disruption of the AI functionality and may allow unauthorized users to manipulate connection and feedback processes, such as 'ays_chatgpt_disconnect', 'ays_chatgpt_connect', and 'ays_chatgpt_save_feedback'.",Wordpress,Ai Chatbot With Chatgpt And Content Generator By Ays,7.5,HIGH,0.004089999943971634,false,,false,false,true,true,false,false,2024-09-27T06:00:06.287Z,0
CVE-2024-7713,https://securityvulnerability.io/vulnerability/CVE-2024-7713,AI ChatBot Vulnerability Unveils Open AI API Key to Unauthorized Users,"The AYS WordPress Plugin, utilized for integrating AI ChatBot and content generation functionality, contains a vulnerability that results in the exposure of the Open AI API Key. This flaw impacts versions prior to 2.1.0, enabling unauthorized users to access sensitive API credentials without authentication. The disclosed API Key can potentially be exploited to compromise security, leading to unauthorized actions on systems utilizing the affected plugin. Users are advised to update to the latest version to mitigate the risks associated with this vulnerability.",Wordpress,Ai Chatbot With Chatgpt And Content Generator By Ays,7.5,HIGH,0.0008699999889358878,false,,false,false,true,true,false,false,2024-09-27T06:00:05.128Z,0