Introduction
A single subscriber account on a WordPress site running AI Engine plugin versions 2.9.3 or 2.9.4 can upload arbitrary files to the server, potentially leading to remote code execution. This high-severity flaw (CVE-2025-7847, CVSS 8.8) is trivial to exploit and affects over 100,000 active installations, making it a significant risk for organizations relying on AI-driven WordPress features.
About AI Engine: AI Engine is a widely adopted WordPress plugin that integrates AI-powered chatbots, content generation, and automation features. With over 100,000 active sites, it plays a major role in bringing AI capabilities to WordPress-based businesses and content creators.
Technical Information
The vulnerability is rooted in the rest_simpleFileUpload function, present in AI Engine plugin versions 2.9.3 and 2.9.4. This function is accessible via the REST API endpoint /wp-json/mwai-ui/v1/files/upload. The core issue is the absence of file type or extension validation, which allows any authenticated user with subscriber-level access or higher to upload arbitrary files, including executable PHP scripts.
Key technical points:
- The REST API is enabled by default in WordPress, so most installations are exposed unless specifically hardened.
- The vulnerable code is publicly visible in the plugin's repository (api.php#L673, files.php#L332).
- Attackers authenticate as a subscriber, then POST a malicious file to the REST endpoint. The server accepts and stores the file without restriction.
- If the uploaded file is a PHP script and the uploads directory allows execution, the attacker can achieve remote code execution by accessing the file via HTTP.
- This aligns with CWE-434 (Unrestricted Upload of File with Dangerous Type).
Vulnerable code reference:
Detection Methods
Detecting exploitation of the arbitrary file upload vulnerability in the AI Engine WordPress plugin involves several key strategies:
1. Monitoring Web Server Logs:
Regularly review your web server logs for unusual POST requests to the REST API endpoint /wp-json/mwai-ui/v1/files/upload. Unauthorized or unexpected requests to this endpoint may indicate exploitation attempts. (patchstack.com)
2. Inspecting Uploaded Files:
Examine the contents of your WordPress uploads directory (/wp-content/uploads/) for files with suspicious extensions, such as .php, which are not typically uploaded through standard media functions. The presence of such files could signify a successful exploitation. (patchstack.com)
3. Utilizing Security Plugins:
Employ security plugins like Wordfence to detect and block malicious file uploads. These tools can provide real-time alerts and prevent unauthorized access by monitoring for known attack patterns. (wordfence.com)
4. Implementing File Integrity Monitoring:
Set up file integrity monitoring systems to detect unauthorized changes or additions to your website's files. Alerts from these systems can help identify when malicious files have been uploaded.
5. Reviewing User Accounts and Permissions:
Regularly audit user accounts and their permissions, especially focusing on users with Editor-level access and above. Ensure that only trusted individuals have the capability to upload files, reducing the risk of internal exploitation. (wordfence.com)
By proactively implementing these detection methods, you can identify and mitigate potential exploitation of the AI Engine plugin's vulnerability, thereby enhancing your website's security posture.
Affected Systems and Versions
- AI Engine WordPress plugin versions 2.9.3 and 2.9.4 are directly affected
- The vulnerability is present when the REST API is enabled (default in WordPress)
- Sites running version 2.9.5 or later are not affected
Vendor Security History
AI Engine has experienced at least five vulnerabilities in 2025, including arbitrary file upload and privilege escalation issues. The vendor has released patches quickly, usually within days of disclosure, but the frequency of critical issues indicates ongoing security challenges in the development lifecycle.