2025-11-27 09:27:49
Wordfence
PUBLISHED
The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the ays_chatgpt_save_wp_media function in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to upload media files.