The AI Engine plugin for WordPress [1] [2] [3], a widely used AI-related plugin with over 50,000 active installations, has been discovered to have a critical security vulnerability. This vulnerability, known as CVE-2023-51409 [4], allows unauthorized users to upload arbitrary files [1] [2] [3] [4], potentially including malicious PHP files [2], posing a significant risk to websites that utilize the plugin. The severity of this vulnerability is indicated by its Common Vulnerability Scoring System (CVSS) score of 10, the highest level of severity.

Description

The root cause of this vulnerability is the absence of a proper ‘permission_callback’ parameter in the registration of the plugin’s REST API endpoint [4]. Because WordPress treats a REST route with no ‘permission_callback’ as publicly accessible, unauthenticated users can exploit this vulnerability by uploading files through the plugin’s ‘rest_upload’ function, which also performs no file type or extension validation. This allows the upload of arbitrary files [3], such as PHP files [3], which can be used for malicious purposes. It is important to note that this vulnerability can be exploited on a default installation of the plugin without any additional conditions or requirements [3].
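As an added illustration (not AI Engine’s own code), the following shows the two defects described above in a minimal WordPress REST route, alongside a hardened form that requires the upload_files capability and passes the file through WordPress’s own upload validation; the route path and function names are hypothetical.

```php
<?php
// Illustrative example, not the plugin's code. Route names and function names
// are hypothetical; the WordPress APIs used (register_rest_route,
// current_user_can, wp_handle_upload, rest_ensure_response) are real.

// WEAK: no 'permission_callback', so WordPress treats the route as open
// (since WP 5.5 it also logs a _doing_it_wrong notice), and the handler
// saves the file under its original name without any type check.
function weak_register_upload_route() {
    register_rest_route( 'example/v1', '/upload', array(
        'methods'  => 'POST',
        'callback' => 'weak_handle_upload',
        // 'permission_callback' is missing: every caller is allowed through.
    ) );
}

function weak_handle_upload( WP_REST_Request $request ) {
    $file = $request->get_file_params()['file'];
    // Extension is never validated, so a .php upload lands in the web root.
    $dest = wp_upload_dir()['basedir'] . '/' . basename( $file['name'] );
    move_uploaded_file( $file['tmp_name'], $dest );
    return rest_ensure_response( array( 'path' => $dest ) );
}

// HARDENED: require an authenticated user with the upload_files capability,
// and let wp_handle_upload() enforce the site's allowed MIME types and
// extensions (it rejects PHP and other executable types by default).
function hardened_register_upload_route() {
    register_rest_route( 'example/v1', '/upload', array(
        'methods'             => 'POST',
        'callback'            => 'hardened_handle_upload',
        'permission_callback' => function () {
            return current_user_can( 'upload_files' );
        },
    ) );
}

function hardened_handle_upload( WP_REST_Request $request ) {
    $files = $request->get_file_params();
    if ( empty( $files['file'] ) ) {
        return new WP_Error( 'no_file', 'No file uploaded.', array( 'status' => 400 ) );
    }
    // test_form => false because this is a REST request, not a form post.
    $result = wp_handle_upload( $files['file'], array( 'test_form' => false ) );
    if ( isset( $result['error'] ) ) {
        return new WP_Error( 'upload_failed', $result['error'], array( 'status' => 400 ) );
    }
    return rest_ensure_response( array( 'url' => $result['url'] ) );
}
add_action( 'rest_api_init', 'hardened_register_upload_route' );
```

Routes lacking a ‘permission_callback’ can be found by grepping a plugin’s calls to register_rest_route(), which is a quick check to run on any plugin before deploying it.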

To address this issue [1] [2], the plugin’s developers promptly released a fix in version 1.9.99. Users are strongly advised to update the plugin to version 1.9.99 or later to protect against potential exploitation [2].

Conclusion

The AI Engine plugin for WordPress [1] [2] [3], with its large user base and critical security vulnerability, requires immediate attention from website owners and administrators. Failure to update the plugin to version 1.9.99 or higher leaves websites vulnerable to unauthorized file uploads, including potentially malicious PHP files [2]. By promptly applying the patch, users can mitigate the risk and ensure the security of their websites. This incident highlights the importance of regularly updating plugins and maintaining a robust security posture to protect against emerging threats.

References

[1] https://www.infosecurity-magazine.com/news/flaw-ai-plugin-exposes-50000-wp/
[2] https://flyytech.com/2024/01/09/flaw-in-ai-plugin-exposes-50000-wordpress-sites-to-remote-attack/
[3] https://patchstack.com/articles/ai-engine-plugin-affected-by-critical-vulnerability/
[4] https://securityonline.info/cve-2023-51409-the-severe-vulnerability-threatening-50000-wordpress-sites/