Cyber Resilience

CVE-2023-0405

MediumPublic PoC

Published: 13 February 2023

Published
13 February 2023
Modified
21 March 2025
KEV Added
Patch
CVSS Score v3.1 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS Score 0.0022 44.1th percentile
Risk Priority 9 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-0405 is a medium-severity an unspecified weakness vulnerability in Gptaipower Gpt Ai Power. Its CVSS base score is 4.3 (Medium).

Operationally, ranked at the 44.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as APIs and Models.

EU & UK References

Vulnerability details

The GPT AI Power: Content Writer & ChatGPT & Image Generator & WooCommerce Product Writer & AI Training WordPress plugin before 1.4.38 does not perform any kind of nonce or privilege checks before letting logged-in users modify arbitrary posts.

CWE(s)
None listed

AI Security AnalysisAI

AI Category
APIs and Models
Risk Domain
N/A
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: gpt, ai, ai

Related Threats

Affected Assets

gptaipower
gpt ai power
≤ 1.4.38

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References