Vulnerabilities > Aipower

DATE CVE VULNERABILITY TITLE RISK
2025-01-22 CVE-2024-13360 Server-Side Request Forgery (SSRF) vulnerability in Aipower
The AI Power: Complete AI Pack plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.8.96 via the wpaicg_troubleshoot_add_vector().
network
low complexity
aipower CWE-918
5.4
5.4
2025-01-22 CVE-2024-13361 Missing Authorization vulnerability in Aipower
The AI Power: Complete AI Pack plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpaicg_save_image_media function in all versions up to, and including, 1.8.96.
network
low complexity
aipower CWE-862
8.8
8.8
2025-01-22 CVE-2025-0428 Deserialization of Untrusted Data vulnerability in Aipower
The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.8.96 via deserialization of untrusted input from the $form['post_content'] variable through the wpaicg_export_prompts function.
network
low complexity
aipower CWE-502
7.2
7.2
2025-01-22 CVE-2025-0429 Deserialization of Untrusted Data vulnerability in Aipower
The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.8.96 via deserialization of untrusted input from the $form['post_content'] variable through the wpaicg_export_ai_forms() function.
network
low complexity
aipower CWE-502
7.2
7.2
2024-07-21 CVE-2024-37465 Unspecified vulnerability in Aipower
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Senol Sahin GPT3 AI Content Writer allows Stored XSS.This issue affects GPT3 AI Content Writer: from n/a through 1.8.66.
network
low complexity
aipower
5.4
5.4
2024-02-29 CVE-2023-51528 Unspecified vulnerability in Aipower
Cross-Site Request Forgery (CSRF) vulnerability in Senol Sahin AI Power: Complete AI Pack – Powered by GPT-4.This issue affects AI Power: Complete AI Pack – Powered by GPT-4: from n/a through 1.8.12.
network
low complexity
aipower
8.8
8.8
2023-12-29 CVE-2023-51527 Unspecified vulnerability in Aipower
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Senol Sahin AI Power: Complete AI Pack – Powered by GPT-4.This issue affects AI Power: Complete AI Pack – Powered by GPT-4: from n/a through 1.8.2.
network
low complexity
aipower
7.5
7.5