{"data":{"id":"7631f013-5e84-4f9e-a7a2-4ae7d77a1276","title":"CVE-2024-52383: Missing Authorization vulnerability in KCT Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One a","summary":"CVE-2024-52383 is a missing authorization vulnerability (a flaw where the software fails to check if a user has permission to perform an action) in the KCT Ai Auto Tool Content Writing Assistant plugin for WordPress, affecting versions up to 2.1.2. This vulnerability allows attackers to exploit incorrectly configured access control (permission settings) to gain unauthorized access.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2024-52383","publishedAt":"2024-11-14T23:15:25.673Z","cveId":"CVE-2024-52383","cweIds":["CWE-862"],"cvssScore":"7.5","cvssSeverity":"high","severity":"high","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Gemini","ChatGPT","KCT Ai Auto Tool Content Writing Assistant"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00305,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-122"],"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}