VYPR

Complete AI Pack

by WordPress

CVEs (2)

  • CVE-2025-0429HigJan 22, 2025
    risk 0.40cvss 7.2epss 0.01

    The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.8.96 via deserialization of untrusted input from the $form['post_content'] variable through the wpaicg_export_ai_forms() function. This allows…

  • CVE-2024-13360MedJan 22, 2025
    risk 0.28cvss 5.4epss 0.00

    The AI Power: Complete AI Pack plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.8.96 via the wpaicg_troubleshoot_add_vector(). This makes it possible for authenticated attackers, with subscriber-level access and above, to…