cleantalk
Vulnerabilities and Security Researches

AI Scribe: ChatGPT SEO Content Creator, Article Writer & SEO Assistant (OpenAI GPT-4 & GPT-3.5 Turbo, 16K, 32K & 12, CVE-2024-12606

CVE, Research URL

CVE-2024-12606

Home page URL

Security reports for AI Scribe: ChatGPT SEO Content Creator, Article Writer & SEO Assistant (OpenAI GPT-4 & GPT-3.5 Turbo, 16K, 32K & 12

Application

AI Scribe: ChatGPT SEO Content Creator, Article Writer & SEO Assistant (OpenAI GPT-4 & GPT-3.5 Turbo, 16K, 32K & 12

Published on
Jan 10, 2025
Research Description
The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the engine_request_data() function in all versions up to, and including, 2.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update plugin settings.
Affected versions
Min -, max 2.3.
Status
vulnerable
Previous vulnerability researches
Labinator Content Types Duplicator (CVE-2025-31809) , Apr 03, 2025
Theme Duplicator (CVE-2025-31845) , Apr 03, 2025
WP Bulk Post Duplicator (CVE-2025-28884) , Mar 13, 2025
Multisite Post Duplicator (CVE-2016-10944) , Jun 07, 2024
Theme File Duplicator (CVE-2025-27283) , Feb 27, 2025
New vulnerability
MasterStudy LMS WordPress Plugin – for Online Courses and Education (CVE-2024-5973) , May 06, 2025
Tainacan (CVE-2024-48040) , May 06, 2025
Events Addon for Elementor (CVE-2022-4974) , May 06, 2025
Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) (CVE-2024-38782) , May 06, 2025
Download Manager (CVE-2024-10706) , May 06, 2025