{"data":{"id":"9c536122-d5a8-4bfa-bb2d-f01158ffeca0","title":"CVE-2024-7713: The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, al","summary":"A WordPress plugin called 'AI ChatBot with ChatGPT and Content Generator by AYS' versions before 2.1.0 has a vulnerability where it exposes the OpenAI API key (a secret credential used to access OpenAI's services) in cleartext (unencrypted, readable form), allowing anyone without authentication (login access) to steal it. This vulnerability is tracked as CVE-2024-7713 and was reported on September 27, 2024.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2024-7713","publishedAt":"2024-09-27T10:15:11.327Z","cveId":"CVE-2024-7713","cweIds":["CWE-319"],"cvssScore":"7.5","cvssSeverity":"high","severity":"high","attackType":["pii_leakage"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["OpenAI"],"affectedVendorsRaw":["OpenAI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00412,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}