WordPress AI Engine Plugin Vulnerability Affects Up To 100,000 Websites

A security advisory was issued for the AI Engine WordPress plugin, installed on over 100,000 websites, the fourth one this month. Rated 8.8, this vulnerability enables attackers with only subscriber-level authentication to upload malicious files when the REST API is enabled.

AI Engine Plugin: Fifth Vulnerability In 2025

This is the fourth vulnerability discovered in the AI Engine plugin in July, following the first one of the year discovered in June, making a total of five vulnerabilities discovered in the plugin so far in 2025. There were nine…