Description
WordPress Plugin GPT AI Power is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently modify arbitrary posts. WordPress Plugin GPT AI Power version 1.4.37 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.4.38 or latest
References
https://sploitus.com/exploit?id=WPEX-ID:3CA9AC21-2BCE-4480-9079-B4045B261273
https://plugins.svn.wordpress.org/gpt3-ai-content-generator/trunk/README.txt
Related Vulnerabilities
PHP Other Vulnerability (CVE-2015-1352)
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4194)
WordPress Plugin WOOF-Products Filter for WooCommerce Unspecified Vulnerability (1.2.6)
GlassFish CVE-2010-2397 Vulnerability (CVE-2010-2397)
Roundcube Improper Access Control Vulnerability (CVE-2016-9920)