Vulnerabilities > Coderevolution
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-08 | CVE-2024-13816 | Missing Authorization vulnerability in Coderevolution Aiomatic The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability checks on multiple functions in all versions up to, and including, 2.3.6. | 5.4 |
| 2025-03-08 | CVE-2024-13882 | Unrestricted Upload of File with Dangerous Type vulnerability in Coderevolution Aiomatic The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomatic_generate_featured_image' function in all versions up to, and including, 2.3.8. | 8.8 |
| 2024-11-04 | CVE-2024-51681 | Cross-site Scripting vulnerability in Coderevolution WP Pocket Urls 1.0.0/1.0.2 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CodeRevolution WP Pocket URLs allows Stored XSS.This issue affects WP Pocket URLs: from n/a through 1.0.3. | 5.4 |
| 2024-10-01 | CVE-2024-9265 | Unspecified vulnerability in Coderevolution Echo RSS Feed Post Generator The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.4.6. | 9.8 |
| 2024-06-09 | CVE-2024-34435 | Missing Authorization vulnerability in Coderevolution Aiomatic Missing Authorization vulnerability in CodeRevolution Aiomatic.This issue affects Aiomatic: from n/a through 1.9.3. | 8.8 |
| 2023-12-15 | CVE-2023-49176 | Unspecified vulnerability in Coderevolution WP Pocket Urls 1.0.0/1.0.2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeRevolution WP Pocket URLs allows Reflected XSS.This issue affects WP Pocket URLs: from n/a through 1.0.2. | 6.1 |