Vulnerabilities > Aipower > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-22 | CVE-2024-13361 | Missing Authorization vulnerability in Aipower The AI Power: Complete AI Pack plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpaicg_save_image_media function in all versions up to, and including, 1.8.96. | 8.8 |
| 2025-01-22 | CVE-2025-0428 | Deserialization of Untrusted Data vulnerability in Aipower The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.8.96 via deserialization of untrusted input from the $form['post_content'] variable through the wpaicg_export_prompts function. | 7.2 |
| 2025-01-22 | CVE-2025-0429 | Deserialization of Untrusted Data vulnerability in Aipower The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.8.96 via deserialization of untrusted input from the $form['post_content'] variable through the wpaicg_export_ai_forms() function. | 7.2 |
| 2023-12-29 | CVE-2023-51527 | Unspecified vulnerability in Aipower Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Senol Sahin AI Power: Complete AI Pack – Powered by GPT-4.This issue affects AI Power: Complete AI Pack – Powered by GPT-4: from n/a through 1.8.2. | 7.5 |