Search
Search Results (6 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-60104 | 2 Jordy Meow, Wordpress | 2 Gallery Custom Links, Wordpress | 2025-09-29 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jordy Meow Gallery Custom Links allows Stored XSS. This issue affects Gallery Custom Links: from n/a through 2.2.5. | ||||
| CVE-2025-48169 | 2 Jordy Meow, Wordpress | 2 Code Engine, Wordpress | 2025-08-21 | 9.9 Critical |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Jordy Meow Code Engine allows Remote Code Inclusion. This issue affects Code Engine: from n/a through 0.3.3. | ||||
| CVE-2025-54672 | 2 Jordy Meow, Wordpress | 2 Photo Engine, Wordpress | 2025-08-16 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Jordy Meow Photo Engine allows Cross Site Request Forgery. This issue affects Photo Engine: from n/a through 6.4.3. | ||||
| CVE-2014-2040 | 1 Jordy Meow | 1 Media File Renamer | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the (1) callback_multicheck, (2) callback_radio, and (3) callback_wysiwygin functions in mfrh_class.settings-api.php in the Media File Renamer plugin 1.7.0 for WordPress allow remote authenticated users with permissions to add media or edit media to inject arbitrary web script or HTML via unspecified parameters, as demonstrated by the title of an uploaded file. | ||||
| CVE-2024-29100 | 2 Jordy Meow, Meowapps | 2 Ai-engine Chatgpt Chatbot, Ai Engine | 2025-04-08 | 9.1 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.1.4. | ||||
| CVE-2024-0378 | 2 Jordy Meow, Jordymeow | 2 Ai-engine, Ai Engine | 2025-01-16 | 6.5 Medium |
| The AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the AI chat data when discussion tracking is enabled in all versions up to, and including, 2.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
Page 1 of 1.