Vulnerabilities > Meowapps

DATE CVE VULNERABILITY TITLE RISK
2024-11-01 CVE-2024-43332 Missing Authorization vulnerability in Meowapps Photo Engine
Missing Authorization vulnerability in Jordy Meow Photo Engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Photo Engine: from n/a through 6.4.0.
network
low complexity
meowapps CWE-862
8.8
2024-09-13 CVE-2024-6723 SQL Injection vulnerability in Meowapps AI Engine
The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions.
network
low complexity
meowapps CWE-89
4.7
2024-06-10 CVE-2024-35712 Unspecified vulnerability in Meowapps Database Cleaner
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Jordy Meow Database Cleaner allows Relative Path Traversal.This issue affects Database Cleaner: from n/a through 1.0.5.
network
low complexity
meowapps
4.9
2024-02-05 CVE-2024-0699 Unrestricted Upload of File with Dangerous Type vulnerability in Meowapps AI Engine
The AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'add_image_from_url' function in all versions up to, and including, 2.1.4.
network
low complexity
meowapps CWE-434
7.2
2024-01-08 CVE-2023-51508 Unspecified vulnerability in Meowapps Database Cleaner
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Database Cleaner: Clean, Optimize & Repair.This issue affects Database Cleaner: Clean, Optimize & Repair: from n/a through 0.9.8.
network
low complexity
meowapps
7.5
2023-12-20 CVE-2023-38513 Unspecified vulnerability in Meowapps Photo Engine
Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine (Media Organizer & Lightroom).This issue affects Photo Engine (Media Organizer & Lightroom): from n/a through 6.2.5.
network
low complexity
meowapps
5.4
2023-12-19 CVE-2023-44991 Unspecified vulnerability in Meowapps Media File Renamer - Auto & Manual Rename
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Media File Renamer: Rename Files (Manual, Auto & AI).This issue affects Media File Renamer: Rename Files (Manual, Auto & AI): from n/a through 5.6.9.
network
low complexity
meowapps
7.5
2023-12-19 CVE-2023-44982 Unspecified vulnerability in Meowapps Perfect Images
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Perfect Images (Manage Image Sizes, Thumbnails, Replace, Retina).This issue affects Perfect Images (Manage Image Sizes, Thumbnails, Replace, Retina): from n/a through 6.4.5.
network
low complexity
meowapps
7.5
2023-06-27 CVE-2023-2580 Unspecified vulnerability in Meowapps AI Engine
The AI Engine WordPress plugin before 1.6.83 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup).
network
low complexity
meowapps
4.8
2021-10-04 CVE-2021-36850 Cross-Site Request Forgery (CSRF) vulnerability in Meowapps Media File Renamer - Auto & Manual Rename
Cross-Site Request Forgery (CSRF) vulnerability in WordPress Media File Renamer – Auto & Manual Rename plugin (versions <= 5.1.9).
network
low complexity
meowapps CWE-352
4.3