CVE-2026-1336
📋 TL;DR
The plugin exposes the functions that read and write its stored ChatGPT API key without requiring authentication, so an unauthenticated attacker can view, modify, or delete the key. All WordPress sites running AI ChatBot with ChatGPT and Content Generator by AYS up to and including version 2.7.5 are affected.
💻 Affected Systems
- AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin
⚠️ Manual Verification Required
The CVE database entry for this issue carries no affected-version range (none was supplied by the vendor or NVD), so automated version-based detection cannot decide whether a site is affected.
Why? Without a vendor- or NVD-supplied range, a scanner has nothing to compare the installed version against. Use the range stated elsewhere on this page (2.7.5 and earlier affected, fixed in 2.7.6) and confirm the installed version by hand, as described under How to Verify.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers steal the ChatGPT API key, incurring financial costs through unauthorized API usage, or modify/delete the key to disrupt chatbot functionality.
Likely Case
Attackers view and steal the API key for their own use, leading to unauthorized API charges for the victim.
If Mitigated
Network controls that restrict /wp-admin/ (including admin-ajax.php) to trusted addresses limit the exposed surface to hosts in that range, including any authenticated users there. Note that admin-ajax.php is also the endpoint WordPress uses for unauthenticated front-end requests, so such a restriction also blocks legitimate visitor traffic that depends on it, such as plugin front-end widgets.
🎯 Exploit Status
The vulnerability is simple to exploit via direct HTTP requests to the vulnerable endpoints without authentication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.7.6
Vendor Advisory: https://plugins.trac.wordpress.org/browser/ays-chatgpt-assistant/tags/2.7.6
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find 'AI ChatBot with ChatGPT and Content Generator by AYS'.
4. Click 'Update Now' if an update is available.
5. Alternatively, download version 2.7.6 or later from the WordPress plugin repository and update manually.
🔧 Temporary Workarounds
Disable Plugin
Temporarily deactivate the vulnerable plugin until it is patched:
wp plugin deactivate ays-chatgpt-assistant
Restrict Admin Access
Use a web application firewall or .htaccess to restrict external access to /wp-admin/ (including admin-ajax.php) and /wp-json/ to trusted addresses. Two caveats: admin-ajax.php also serves unauthenticated front-end requests, so restricting it disables any plugin feature that visitors reach through it, which makes this roughly equivalent to deactivating the plugin; and the Order/Deny/Allow directives below are Apache 2.2 syntax, which Apache 2.4 only honours with mod_access_compat loaded (the native 2.4 form is a Require ip directive). Replace 192.168.0.0/24 with your own administrative range.
# Example .htaccess rule (place it in wp-admin/.htaccess, not at the site root, or the whole site is blocked):
Order Deny,Allow
Deny from all
Allow from 192.168.0.0/24
🧯 If You Can't Patch
- Immediately deactivate the plugin and remove it from the WordPress installation.
- Monitor ChatGPT API usage and billing for unauthorized activity, and rotate API keys if compromised.
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin > Plugins > Installed Plugins for 'AI ChatBot with ChatGPT and Content Generator by AYS' version 2.7.5 or lower.
Check Version:
wp plugin get ays-chatgpt-assistant --field=version
Verify Fix Applied:
Confirm plugin version is 2.7.6 or higher in WordPress admin panel.
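The version check above can also be done offline against the plugin files, which is useful on a host without wp-cli or during forensics on a copied webroot. The script below is an added example for this advisory, not code from the page or from the plugin. It assumes the plugin lives under wp-content/plugins/ays-chatgpt-assistant and that its main file carries a standard WordPress plugin header with a 'Version:' line; the embedded SAMPLE_HEADER is constructed so the script runs without a WordPress tree.

```python
"""Offline check of an installed AYS ChatGPT plugin copy against the advisory's fixed version.

Added example for this advisory; not code from the page or from the plugin.
Assumptions: the plugin lives under wp-content/plugins/ays-chatgpt-assistant and its
main file carries a standard WordPress plugin header with a 'Version:' line.
"""
import re
import sys
from pathlib import Path

FIXED_VERSION = "2.7.6"          # patch version stated in the advisory
PLUGIN_SLUG = "ays-chatgpt-assistant"

# Matches the 'Version:' line of a WordPress plugin header, e.g. " * Version: 2.7.5"
_VERSION_RE = re.compile(r"^\s*\*?\s*Version:\s*([0-9][0-9A-Za-z.\-]*)", re.MULTILINE)

# Constructed sample header (not the plugin's real file) so the script runs without a WordPress tree.
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: AI ChatBot with ChatGPT and Content Generator by AYS
 * Version: 2.7.5
 */
"""


def parse_version(text):
    """Turn '2.7.5' into (2, 7, 5); a non-numeric component counts as 0."""
    parts = []
    for piece in text.split("."):
        m = re.match(r"\d+", piece)
        parts.append(int(m.group()) if m else 0)
    return tuple(parts)


def is_vulnerable(installed, fixed=FIXED_VERSION):
    """True when installed < fixed; pads so that '2.7' compares like '2.7.0'."""
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b


def version_from_header(php_source):
    """Return the Version: value from a plugin file header, or None if absent."""
    m = _VERSION_RE.search(php_source)
    return m.group(1) if m else None


def installed_version(wp_root):
    """Locate the plugin's main file (the one with a 'Plugin Name:' header) and read its version."""
    plugin_dir = Path(wp_root) / "wp-content" / "plugins" / PLUGIN_SLUG
    if not plugin_dir.is_dir():
        return None
    for php in sorted(plugin_dir.glob("*.php")):
        src = php.read_text(errors="replace")
        if "Plugin Name:" in src:
            return version_from_header(src)
    return None


def status_line(version):
    """Human-readable verdict for a version string (None means the plugin is not present)."""
    if version is None:
        return "plugin not found: not installed or already removed"
    if is_vulnerable(version):
        return "installed %s: VULNERABLE, update to %s or later" % (version, FIXED_VERSION)
    return "installed %s: fixed" % version


if __name__ == "__main__":
    # Usage: python check_ays.py /var/www/html   (defaults to the constructed sample header)
    if len(sys.argv) > 1:
        print(status_line(installed_version(sys.argv[1])))
    else:
        print(status_line(version_from_header(SAMPLE_HEADER)))
```

The comparison is done on integer tuples rather than on strings so that a future 2.10.x release is correctly ranked above 2.7.6; a plain string compare would call it vulnerable.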
📡 Detection & Monitoring
Log Indicators:
- Requests to /wp-admin/admin-ajax.php whose action parameter contains store_data or get_chatgpt_api_key, from addresses that never hit wp-login.php. For GET requests the action appears in the logged query string; for POST requests WordPress normally carries it in the body, which standard access logs do not record, so WAF or WordPress-level request logging is needed to see it.
- A 200 response to such a request from an unauthenticated source is the strongest single indicator, since the vulnerable endpoints answer without authentication.
Network Indicators:
- HTTP traffic to /wp-admin/admin-ajax.php from external IPs with no accompanying wp-login.php traffic. Note that the 'user' field of a combined-format access log records HTTP basic-auth, not the WordPress session, so it is '-' for essentially every request; user="-" in the query below is therefore only a weak filter.
SIEM Query:
source="web_server" AND (url="*admin-ajax.php*" AND (action="*store_data*" OR action="*get_chatgpt_api_key*")) AND user="-"
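For sites without a SIEM, the same indicators can be checked directly against access logs. The script below is an added example for this advisory, not part of the original page or of the plugin. The action names come from the Log Indicators above; whether they are the plugin's exact AJAX action names is an assumption, so they are matched as substrings, the way the SIEM query uses wildcards. The log format is assumed to be Apache/Nginx "combined", and the SAMPLE_LOG lines are constructed, not real traffic.

```python
"""Scan combined-format web access logs for the admin-ajax.php indicators in this advisory.

Added example, not part of the original page or the plugin. The action names come from the
advisory's Log Indicators; whether they are the plugin's exact AJAX action names is an
assumption, so they are matched as substrings, the way the SIEM query uses wildcards.
"""
import re
import sys
from urllib.parse import parse_qs, urlsplit

SUSPICIOUS_ACTIONS = ("store_data", "get_chatgpt_api_key")

# Apache/Nginx "combined" log format (assumed). The third field is the HTTP basic-auth user,
# which is '-' for every WordPress request; it says nothing about a WordPress login session.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3}) \S+'
)


def parse_line(line):
    """Return the log fields as a dict, or None for a line that is not in combined format."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def classify(entry):
    """Return (severity, reason) for an admin-ajax.php request, or None if it is not of interest."""
    url = urlsplit(entry["url"])
    if not url.path.endswith("/wp-admin/admin-ajax.php"):
        return None
    actions = parse_qs(url.query).get("action", [])
    for action in actions:
        if any(marker in action for marker in SUSPICIOUS_ACTIONS):
            return ("high", "action=%s" % action)
    # For POST, WordPress usually carries 'action' in the body, which access logs do not record;
    # such requests can only be flagged as unclassified here (a WAF or WordPress-level log is needed).
    if entry["method"] == "POST" and not actions:
        return ("info", "POST with action in body; not visible in access log")
    return None


def scan(lines):
    """Return a list of (severity, ip, method, status, reason) for every matching request."""
    hits = []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue
        verdict = classify(entry)
        if verdict is not None:
            hits.append((verdict[0], entry["ip"], entry["method"], entry["status"], verdict[1]))
    return hits


# Constructed sample traffic (not real log data) so the script runs offline.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Feb/2026:11:02:13 +0000] "GET /wp-admin/admin-ajax.php?action=get_chatgpt_api_key HTTP/1.1" 200 87 "-" "curl/8.5.0"
203.0.113.7 - - [10/Feb/2026:11:02:19 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 31 "-" "curl/8.5.0"
198.51.100.4 - - [10/Feb/2026:11:03:01 +0000] "POST /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 52 "https://example.test/wp-admin/" "Mozilla/5.0"
198.51.100.4 - - [10/Feb/2026:11:03:05 +0000] "GET /?p=12 HTTP/1.1" 200 8123 "-" "Mozilla/5.0"
"""


if __name__ == "__main__":
    # Usage: python scan_ajax.py /var/log/apache2/access.log   (defaults to the sample above)
    if len(sys.argv) > 1:
        with open(sys.argv[1], errors="replace") as fh:
            hits = scan(fh)
    else:
        hits = scan(SAMPLE_LOG.splitlines())
    for severity, ip, method, status, reason in hits:
        print(severity, ip, method, status, reason)
```

On the sample data the GET with action=get_chatgpt_api_key is reported as high and the bodiless POST as info; the heartbeat request and the ordinary page view are ignored. The info-level POSTs are the blind spot of access-log-only detection and are the reason the indicators above recommend WAF or WordPress-level request logging.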
🔗 References
- https://plugins.trac.wordpress.org/browser/ays-chatgpt-assistant/tags/2.7.4/admin/class-chatgpt-assistant-admin.php#L4060
- https://plugins.trac.wordpress.org/browser/ays-chatgpt-assistant/tags/2.7.4/includes/chatgpt-assistant-db-actions/class-chatgpt-assistant-db-actions.php#L23
- https://www.wordfence.com/threat-intel/vulnerabilities/id/53b3d441-4938-435f-85c3-707477f0293d?source=cve