CVE-2024-7714 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2024-7714?

CVE-2024-7714 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2024-7714?

Check the references section above for vendor advisories and patch information. Affected products include: Ays-Pro Chatgpt Assistant.

Vulnerability Description

The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks sufficient access controls allowing an unauthenticated user to disconnect the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 from OpenAI, thereby disabling the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0. Multiple actions are accessible: 'ays_chatgpt_disconnect', 'ays_chatgpt_connect', and 'ays_chatgpt_save_feedback'

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Ays-Pro	Chatgpt Assistant	< 2.1.0

References

https://wpscan.com/vulnerability/04447c76-a61b-4091-a510-c76fc8ca5664/ExploitThird Party Advisory

FAQ

What is CVE-2024-7714?

CVE-2024-7714 is a vulnerability with a CVSS score of 7.5 (HIGH). The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks sufficient access controls allowing an unauthenticated user to disconnect the AI ChatBot with ChatGPT and C...

How severe is CVE-2024-7714?

CVE-2024-7714 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-7714?

Check the references section above for vendor advisories and patch information. Affected products include: Ays-Pro Chatgpt Assistant.