In July 2025, the Wordfence security team identified a critical arbitrary file upload vulnerability in the AI Engine plugin for WordPress, affecting approximately 100,000 active installations. This flaw allowed attackers to upload arbitrary files (e.g., PHP) without authentication, potentially leading to full site takeover.
Vulnerability Overview
1. What is an arbitrary file upload?
This type of vulnerability occurs when a plugin accepts uploaded files without proper validation, allowing an attacker to upload a malicious file (such as a PHP script) that the web server will then execute. This typically leads to remote code execution (RCE) or full site compromise.
2. Specific mechanism in the AI Engine plugin
- The vulnerability was present in the REST API endpoint `/mwai-ui/v1/files/upload`, which lacked both file type validation and permission checks.
- The `permission_callback` was set to `__return_true`, allowing anyone (even unauthenticated users) to access it.
- Attackers could upload PHP files to public folders and execute them directly via URL.
This flaw was fixed in version 2.9.5. All previous versions are considered vulnerable.
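To show how the two missing controls described above look when they are present, here is an added example of a hardened WordPress REST upload route. It is not the AI Engine plugin's own code; the route namespace, callback name and allowed types are assumptions chosen for illustration.

```php
<?php
// Added example, not AI Engine's code: a REST upload route with a real
// permission_callback and server-side file type validation.
// 'example-plugin/v1' and example_handle_upload are hypothetical names.
add_action( 'rest_api_init', function () {
    register_rest_route( 'example-plugin/v1', '/files/upload', array(
        'methods'             => 'POST',
        'callback'            => 'example_handle_upload',
        // Never '__return_true' on an upload endpoint: require a logged-in
        // user who actually holds the upload_files capability.
        'permission_callback' => function () {
            return current_user_can( 'upload_files' );
        },
    ) );
} );

function example_handle_upload( WP_REST_Request $request ) {
    $files = $request->get_file_params();
    if ( empty( $files['file'] ) || ! is_uploaded_file( $files['file']['tmp_name'] ) ) {
        return new WP_Error( 'no_file', 'No file uploaded.', array( 'status' => 400 ) );
    }
    $file = $files['file'];

    // Allow-list only the types this feature needs; PHP is never on it.
    $allowed = array(
        'png'      => 'image/png',
        'jpg|jpeg' => 'image/jpeg',
        'pdf'      => 'application/pdf',
    );

    // Check the extension AND the file content, not just the client-supplied name.
    $check = wp_check_filetype_and_ext( $file['tmp_name'], $file['name'], $allowed );
    if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
        return new WP_Error( 'bad_type', 'File type not allowed.', array( 'status' => 415 ) );
    }

    // wp_handle_upload applies WordPress's own checks and stores the file under
    // wp-content/uploads with a sanitized, unique filename.
    require_once ABSPATH . 'wp-admin/includes/file.php';
    $result = wp_handle_upload( $file, array(
        'test_form' => false,
        'mimes'     => $allowed,
    ) );
    if ( isset( $result['error'] ) ) {
        return new WP_Error( 'upload_failed', $result['error'], array( 'status' => 500 ) );
    }
    return rest_ensure_response( array( 'url' => $result['url'] ) );
}
```

An unauthenticated request to this route is rejected by WordPress before the callback runs, and a renamed PHP script fails the content check even if its extension is on the allow-list.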
Impact and Risks
- Attackers can gain full control of the website by uploading and executing malicious PHP code.
- Data theft, site defacement, and inclusion in botnets are all possible outcomes.
- The vulnerability was actively exploited before a patch was released.
Vulnerability Summary
| Vulnerability | Permissions | What Attackers Can Do | Fix |
|---|---|---|---|
| Arbitrary File Upload | No login required | Upload PHP/XSS/malicious files | File type and extension validation |
| Missing Permission Check | REST API open to all | Call API endpoints without restrictions | Implement `permission_callback` check |
How to Fix and Protect
- Update the AI Engine plugin immediately to version 2.9.5 or later.
- If you’re using a security plugin (e.g., Wordfence), make sure the firewall is active and updated with the latest rules.
- Restrict file uploads to authorized users only and validate file types properly.
- Check logs and uploaded files regularly for suspicious activity, especially in `wp-content/uploads`.
Recommendations for Site Owners
If your website uses the AI Engine plugin:
- Immediately update to the latest version (at least 2.9.5).
- Ensure a security plugin and Web Application Firewall (WAF) are active.
- Stay informed on plugin updates and security advisories.
Conclusion
The vulnerability in the AI Engine plugin allowed unauthorized file uploads and potential site takeover. It has been patched in version 2.9.5, and all site owners are strongly encouraged to update immediately. This incident highlights the importance of regular updates, proper API permission checks, and layered security mechanisms.
If you need help verifying plugin versions or securing your WordPress site, don’t hesitate to reach out.