Ays Pro ChatBot Allows Unauthorized Access with Incorrect Security Settings

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.3

Ays Pro ChatBot Allows Unauthorized Access with Incorrect Security Settings

CVE-2026-25338

Summary

Ays Pro AI ChatBot with ChatGPT and Content Generator has a security flaw that lets an attacker access restricted areas if the security settings are not properly configured. This affects versions of the software up to 2.7.4. To stay safe, update to the latest version or review your security settings.

Original title

Original description

Missing Authorization vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through <= 2.7.4.

nvd CVSS3.1 5.3

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/ays-chatgpt-assistant/vulnerabi...

Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026