SmartSearchWP 漏洞列表
共找到 4 个与 SmartSearchWP 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2024-6845: SmartSearchWP < 2.4.6 - OpenAI Key Disclosure POC
The plugin does not have proper authorization in one of its REST endpoint, allowing unauthenticated users to retrieve the encoded key and then decode it, thereby leaking the OpenAI API key. -
CVE-2024-6846: SmartSearchWP <= 2.4.4 - Unauthenticated Log Purge POC
The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not validate access on some REST routes, allowing for an unauthenticated user to purge error and chat logs. -
CVE-2024-6845: SmartSearchWP < 2.4.6 - OpenAI Key Disclosure POC
The plugin does not have proper authorization in one of its REST endpoint, allowing unauthenticated users to retrieve the encoded key and then decode it, thereby leaking the OpenAI API key. -
CVE-2024-6846: SmartSearchWP <= 2.4.4 - Unauthenticated Log Purge POC
The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not validate access on some REST routes, allowing for an unauthenticated user to purge error and chat logs.