Cyber Resilience

CVE-2024-5969

Medium

Published: 27 July 2024

Published
27 July 2024
Modified
08 August 2025
KEV Added
Patch
CVSS Score v3.1 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
EPSS Score 0.0048 65.7th percentile
Risk Priority 12 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-5969 is a medium-severity Improper Input Validation (CWE-20) vulnerability in Coderevolution Aiomatic. Its CVSS base score is 5.8 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 34.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as Enterprise AI Assistants; in the Other ATLAS/OWASP Terms risk domain.

EU & UK References

Vulnerability details

The AIomatic - Automatic AI Content Writer for WordPress is vulnerable to arbitrary email sending vulnerability in versions up to, and including, 2.0.5. This is due to insufficient limitations on the email recipient and the content in the 'aiomatic_send_email' function…

more

which are reachable via AJAX. This makes it possible for unauthenticated attackers to send emails with any content to any recipient.

CWE(s)

AI Security AnalysisAI

AI Category
Enterprise AI Assistants
Risk Domain
Other ATLAS/OWASP Terms
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
AIomatic is a WordPress plugin functioning as an AI content writer assistant, fitting the Enterprise AI Assistants category as it provides AI-driven content generation integrated into enterprise-level CMS platforms like WordPress.

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1566.003 Spearphishing via Service Initial Access
Adversaries may send spearphishing messages via third-party services in an attempt to gain access to victim systems.
T1667 Email Bombing Impact
Adversaries may flood targeted email addresses with an overwhelming volume of messages.
Why these techniques?

Unauthenticated exploitation of public-facing WordPress plugin (T1190) enables arbitrary email sending to any recipient with any content, facilitating spearphishing via service (T1566.003) and email bombing for impact (T1667).

Affected Assets

coderevolution
aiomatic
≤ 2.0.6

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-20

Security testing and developer training directly verify and enforce proper input validation, reducing exploitability of injection and malformed-data weaknesses.

addresses: CWE-20

Security testing and evaluation at multiple SDLC stages directly detects missing or flawed input validation, with the required remediation process ensuring fixes are applied.

addresses: CWE-20

Directly implements checks on information inputs to reject invalid data before processing.

addresses: CWE-20

Spam protection mechanisms perform filtering and detection on inbound/outbound messages, directly compensating for missing or weak input validation of unsolicited content.

References