AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2023-45063: Cross-Site Request Forgery (CSRF) vulnerability in ReCorp AI Content Writing Assistant (Content Writer, GPT 3 & 4, ChatG

mediumvulnerabilityLLM-Specific

security

Source: NVD/CVE DatabaseOctober 12, 2023CVE-2023-45063

Summary

A CSRF vulnerability (cross-site request forgery, where an attacker tricks a user into performing unwanted actions on a website they're logged into) was found in the ReCorp AI Content Writing Assistant plugin for WordPress in versions 1.1.5 and earlier. This flaw could allow attackers to exploit users of the plugin without their knowledge.

Vulnerability Details

CVSS Score

4.3(medium)

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack Type

Other

Attack SophisticationTrivial

Impact (CIA+S)

integrity

AI Component TargetedPlugin

Taxonomy References

CWE (Weakness Type)

CWE-352

Affected Vendors

Related Issues

high

CVE-2022-21727: Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulne

Similar attackNVD/CVE Database

critical

CVE-2026-22252: LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbi

First tracked: February 15, 2026 at 08:50 PM

Classified by LLM (prompt v3) · confidence: 75%