A safety advisory was issued for the AI Engine WordPress plugin, put in on over 100,000 web sites, the fourth one this month. Rated 8.8, this vulnerability allows attackers with solely subscriber-level authentication to add malicious information when the REST API is enabled.
AI Engine Plugin: Fifth Vulnerability In 2025
That is the fourth vulnerability found within the AI Engine plugin in July, following the primary one of many yr found in June, making a complete of 5 vulnerabilities found within the plugin up to now in 2025. There have been 9 vulnerabilities found in 2024, one among which was rated 9.8 as a result of it enabled unauthenticated attackers to add malicious information, plus one other rated 9.1 that additionally enabled arbitrary uploads.
Authenticated (Subscriber+) Arbitrary File Add
The most recent vulnerability allows authenticated file uploads. What makes this exploit extra harmful is that it requires solely subscriber-level authentication for an attacker to reap the benefits of the safety weak spot. That isn’t as dangerous as a vulnerability that doesn’t require authentication, however it’s nonetheless rated 8.8 on a scale of 1 to 10.
Wordfence describes the vulnerability as being resulting from lacking file sort validation in a operate associated to the REST API in variations 2.9.3 and a couple of.9.4.
File sort validation is a safety measure sometimes used inside WordPress to be sure that the content material of a file matches the kind of file being uploaded to the web site.
In line with Wordfence:
“This makes it doable for authenticated attackers, with Subscriber-level entry and above, to add arbitrary information on the affected web site’s server when the REST API is enabled, which can make distant code execution doable.”
Customers of the AI Engine plugin are beneficial updating their plugin to the most recent model, 2.9.5, or a more recent model.
The plugin changelog for model 2.9.5 shares what was up to date:
“Repair: Resolved a safety challenge associated to SSRF by validating URL schemes in audio transcription and sanitizing REST API parameters to forestall API key misuse.
Repair: Corrected a crucial safety vulnerability that allowed unauthorized file uploads by including strict file sort validation to forestall PHP execution.”
Featured Picture by Shutterstock/Jiri Hera
