ChatGPT Plugins: Data Exfiltration via Images & Cross Plugin Request Forgery
highnewsLLM-Specific
security
Source: Embrace The RedMay 16, 2023
Summary
A malicious website can hijack a ChatGPT chat session and steal conversation history by controlling the data that plugins (add-ons that extend ChatGPT's abilities) retrieve. The post highlights that while plugins can leak data by receiving too much information, the main risk here is when an attacker controls what data the plugin pulls in, enabling them to extract sensitive information.
Classification
Attack Type
Prompt InjectionData Extraction
Attack SophisticationModerate
Impact (CIA+S)
confidentiality
Affected Vendors
OpenAI
Related Issues
Original source: https://embracethered.com/blog/posts/2023/chatgpt-webpilot-data-exfil-via-markdown-injection/
First tracked: February 12, 2026 at 02:20 PM
Classified by LLM (prompt v3) · confidence: 85%