cleantalk
Vulnerabilities and Security Researches

Ai Auto Tool Content Writing Assistant (Bard Writer, ChatGPT ) All in One, CVE-2025-12156

CVE, Research URL

CVE-2025-12156

Home page URL

Security reports for Ai Auto Tool Content Writing Assistant (Bard Writer, ChatGPT ) All in One

Application

Ai Auto Tool Content Writing Assistant (Bard Writer, ChatGPT ) All in One

Published on
Nov 04, 2025
Research Description
The Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_post_data() function in versions 2.0.7 to 2.2.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create and publish arbitrary posts.
Affected versions
max 2.0.7.
Status
vulnerable
Previous vulnerability researches
Toast Mobile Menu – PageSpeed Insights Friendly (CVE-2025-53238) , Nov 11, 2025
New vulnerability
Master Blocks – Ultimate Gutenberg Blocks for Marketers (CVE-2025-10896) , Nov 11, 2025
Reuse Builder (CVE-2025-11812) , Nov 11, 2025
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) (CVE-2025-11823) , Nov 11, 2025
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) (CVE-2025-12493) , Nov 11, 2025
Gravity Forms Google Sheet Connector (CVE-2025-8606) , Nov 11, 2025