Description
WordPress Plugin GPT AI Power is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently modify arbitrary posts. WordPress Plugin GPT AI Power version 1.4.37 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.4.38 or latest
References
https://sploitus.com/exploit?id=WPEX-ID:3CA9AC21-2BCE-4480-9079-B4045B261273
https://plugins.svn.wordpress.org/gpt3-ai-content-generator/trunk/README.txt
Related Vulnerabilities
WordPress Plugin U Extended Comment 'fileurl' Parameter Arbitrary File Download (1.0.1)
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.16)
Oracle Application Server Other Vulnerability (CVE-2004-1365)
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-18679)