AI Engine
Jordy Meow
Developer
3.4.5
Latest version
100,000
Installations
No date
Last updated
Vulnerability history
0 present
22 patched
16 Mitigation rules
- Arbitrary File Upload vulnerability<= 3.3.225/02/2026
- Authenticated (Subscriber+) Server-Side Request Forgery vulnerability<= 3.3.228/01/2026
- Authenticated (Editor+) Server-Side Request Forgery vulnerability<= 3.1.818/11/2025
- Authenticated (Subscriber+) PHP Object Injection via PHAR Deserialization vulnerability<= 3.1.812/11/2025
- Unauthenticated Sensitive Information Exposure to Privilege Escalation vulnerability<= 3.1.305/11/2025
- Missing Authorization to Unauthenticated Uploaded Files Disclosure And Deletion vulnerability<= 2.9.503/09/2025
- Authenticated (Subscriber+) Arbitrary File Upload2.9.3-2.9.430/07/2025
- Missing URL Scheme Validation to Authenticated (Subscriber+) Arbitrary File Read via simpleTranscribeAudio and get_audio Functions vulnerability<= 2.9.423/07/2025
- Authenticated (Subscriber+) Stored Cross-Site Scripting via `mwai_chatbot` Shortcode `id` Parameter vulnerability<= 2.8.407/07/2025
- Insecure OAuth Implementation vulnerability<= 2.8.403/07/2025
- Authenticated (Subscriber+) Insufficient Authorization to Privilege Escalation via MCP vulnerability<= 2.8.319/06/2025
- Admin+ SQLi vulnerability< 2.6.512/12/2024
- Admin+ SQLi vulnerability< 2.4.813/09/2024
- Admin+ RCE vulnerability< 2.5.119/08/2024
- Server Side Request Forgery (SSRF) vulnerability<= 2.4.722/07/2024
- Arbitrary File Upload vulnerability<= 2.2.6307/05/2024
- Server Side Request Forgery (SSRF) vulnerability<= 2.1.426/03/2024
- Arbitrary File Upload vulnerability<= 2.1.426/03/2024
- Unauthenticated Stored Cross-Site Scripting vulnerability<= 2.2.004/03/2024
- Authenticated (Editor+) Arbitrary File Upload via add_image_from_url vulnerability<= 2.1.406/02/2024
- Unauthenticated Arbitrary File Upload vulnerability<= 1.9.9809/01/2024
- Auth. Stored Cross-Site Scripting (XSS) vulnerability<= 1.6.8219/05/2023