Technical description
Missing Authorization vulnerability in Jordy Meow AI Engine Pro allows exploiting incorrectly configured access control security levels, enabling unauthorized access to AI engine functionality.
Attack vector
Attackers can exploit incorrectly configured access control settings to bypass authorization checks and gain unauthorized access to AI engine capabilities.
Affected systems
AI Engine Pro versions from n/a through < 3.4.2 used in WordPress environments.
Mitigation
Update to AI Engine Pro version 3.4.2 or later. Review and properly configure access control security levels according to vendor guidelines.