Vulnerabilities > Coderevolution > Aiomatic > 1.4.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-08 | CVE-2024-13816 | Missing Authorization vulnerability in Coderevolution Aiomatic The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability checks on multiple functions in all versions up to, and including, 2.3.6. | 5.4 |
| 2025-03-08 | CVE-2024-13882 | Unrestricted Upload of File with Dangerous Type vulnerability in Coderevolution Aiomatic The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomatic_generate_featured_image' function in all versions up to, and including, 2.3.8. | 8.8 |