VYPR
Medium severity5.3NVD Advisory· Published Nov 27, 2025· Updated Apr 15, 2026

CVE-2025-13381

CVE-2025-13381

Description

The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'ays_chatgpt_save_wp_media' function in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to upload media files.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.

CVE-2025-13381 · Medium · VYPR