Meowapps: >> Ai Engine >> 2.4.3 Security Vulnerabilities
The AI Engine WordPress plugin before 2.6.5 does not sanitize and escape a parameter from one of its RESP API endpoint before using it in a SQL statement, allowing admins to perform SQL injection attacks
CVSS Score
7.2
EPSS Score
0.002
Published
2024-12-12
The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions.
CVSS Score
4.7
EPSS Score
0.002
Published
2024-09-13
Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot allows Server Side Request Forgery.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.4.7.
CVSS Score
4.9
EPSS Score
0.001
Published
2024-08-01