Medium severity5.4NVD Advisory· Published Mar 8, 2025· Updated Jun 17, 2026
CVE-2024-13816
CVE-2024-13816
Description
The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability checks on multiple functions in all versions up to, and including, 2.3.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update and delete posts, list and delete batches, list assistant uploaded files, delete personas, delete forms, delete templates, and clear logs. The vulnerability was partially patched in version 2.3.5.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- CodeRevolution/Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkitv5Range: 0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.