Fastgpt · Fastgpt · CVE-2026-26003
**Name of the Vulnerable Software and Affected Versions**
FastGPT versions 4.14.0 through 4.14.5
**Description**
FastGPT, an AI Agent building platform, has an issue where the plugin system can be accessed directly through the API endpoint `/api/plugin/xxx` without authentication. This affects versions 4.14.0 to 4.14.5 and could lead to the plugin system crashing and the loss of plugin installation status. Older versions are considered to have a negligible impact as they only offer information-gathering interfaces. The issue does not result in key leakage.
**Recommendations**
Update to version 4.14.5-fix. Versions prior to 4.14.5-fix are affected.