AI Engine
Jordy Meow
Developer
3.2.3
Latest version
100,000
Installations
14 hours ago
Last updated
Vulnerability history
0 present
20 fixed
14 Mitigation rules
- Authenticated (Editor+) Server-Side Request Forgery vulnerability<= 3.1.817 hours ago
- Authenticated (Subscriber+) PHP Object Injection via PHAR Deserialization vulnerability<= 3.1.85 days ago
- Unauthenticated Sensitive Information Exposure to Privilege Escalation vulnerability<= 3.1.3Nov 5, 2025
- Missing Authorization to Unauthenticated Uploaded Files Disclosure And Deletion vulnerability<= 2.9.5Sep 3, 2025
- Authenticated (Subscriber+) Arbitrary File Upload2.9.3-2.9.4Jul 30, 2025
- Missing URL Scheme Validation to Authenticated (Subscriber+) Arbitrary File Read via simpleTranscribeAudio and get_audio Functions vulnerability<= 2.9.4Jul 23, 2025
- Authenticated (Subscriber+) Stored Cross-Site Scripting via `mwai_chatbot` Shortcode `id` Parameter vulnerability<= 2.8.4Jul 7, 2025
- Insecure OAuth Implementation vulnerability<= 2.8.4Jul 3, 2025
- Authenticated (Subscriber+) Insufficient Authorization to Privilege Escalation via MCP vulnerability<= 2.8.3Jun 19, 2025
- Admin+ SQLi vulnerability< 2.6.5Dec 12, 2024
- Admin+ SQLi vulnerability< 2.4.8Sep 13, 2024
- Admin+ RCE vulnerability< 2.5.1Aug 19, 2024
- Server Side Request Forgery (SSRF) vulnerability<= 2.4.7Jul 22, 2024
- Arbitrary File Upload vulnerability<= 2.2.63May 7, 2024
- Server Side Request Forgery (SSRF) vulnerability<= 2.1.4Mar 26, 2024
- Arbitrary File Upload vulnerability<= 2.1.4Mar 26, 2024
- Unauthenticated Stored Cross-Site Scripting vulnerability<= 2.2.0Mar 4, 2024
- Authenticated (Editor+) Arbitrary File Upload via add_image_from_url vulnerability<= 2.1.4Feb 6, 2024
- Unauthenticated Arbitrary File Upload vulnerability<= 1.9.98Jan 9, 2024
- Auth. Stored Cross-Site Scripting (XSS) vulnerability<= 1.6.82May 19, 2023