CVE-2024-12473: The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin Ch

The AI Scribe WordPress plugin (version 2.3 and earlier) has a SQL injection vulnerability (a flaw where attackers can insert malicious database commands) in its article builder feature that allows authenticated users with Contributor-level access to extract sensitive information from the website's database. The vulnerability exists because the plugin doesn't properly clean up user input before using it in database queries.