Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:10web:ai_assistant:1.0.0:*:*:*:*:wordpress:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-6985 |
The 10Web AI Assistant – AI content writing assistant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the install_plugin AJAX action in all versions up to, and including, 1.0.18. This makes it possible for authenticated attackers, with subscriber-level access and above, to install arbitrary plugins that can be used to gain further access to a compromised site. Published: February 05, 2024; 5:15:58 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |