A critical security flaw has been found in the AI Engine WordPress plugin, which is installed on over 100,000 websites. The flaw is a privilege escalation vulnerability that allows an attacker to gain full administrator control of a site. It carries a severity score of 9.8 out of 10, rated critical.
This issue is significant for all website owners using the plugin. An attacker can use this flaw to completely take over an affected website. Immediate action is required to secure your site.
How the AI Engine WordPress Plugin Flaw Works
The vulnerability is not active by default. It becomes a risk only when a specific setting in the plugin is enabled. Administrators need to understand how this setting creates the security risk.
The problem originates from a feature called the “No-Auth URL”. When an administrator enables this feature, the plugin creates public API routes. These routes incorrectly include a secret bearer token. This token then becomes visible in the public WordPress REST API index, specifically at the /wp-json/ path.
An attacker can easily find this exposed token. With the token, they can act as an administrator without knowing any password. For example, they can call the wp_update_user function to change their own user role to administrator.
Once an attacker has admin access, they can cause serious damage. They could upload malicious plugins or themes containing backdoors, modify site content for spam or phishing campaigns, or completely compromise the entire website.
Responsible Disclosure and Patch Timeline
The quick resolution of this flaw highlights the importance of responsible disclosure. A security researcher, a security company, and the plugin developer worked together. Their collaboration protected users from widespread attacks.
The timeline of events shows a swift and coordinated response.
- October 4, 2025: Security researcher Emiliano Versini discovered and reported the vulnerability.
- October 14, 2025: Wordfence initiated the formal vendor disclosure process.
- October 15, 2025: Wordfence released a protective firewall rule for its premium customers.
- October 19, 2025: The developer released the patched plugin, version 3.1.4.
- November 14, 2025: The firewall protection was extended to free Wordfence users.
Versini received a $2,145.00 bounty for his discovery. This payment shows how bug bounty programs encourage research that makes the WordPress community safer. The successful patch now requires site owners to take the final, critical steps.
Urgent Steps to Secure Your AI Engine WordPress Plugin
Every administrator using the AI Engine plugin must take action now. This vulnerability allows for a complete site takeover, so there is no time to delay. Follow these two essential steps to secure your website.
- Update the plugin: Immediately update the AI Engine plugin to version 3.1.4 or any later version. This patched version fixes the root cause of the vulnerability.
- Rotate your bearer token: Updating the plugin alone is not enough if you have ever used the “No-Auth URL” feature, because your old token might already have been stolen. Go into the plugin’s settings and rotate the bearer token. This invalidates the old token and creates a new, secure one.
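The two checks above (is the secret still visible in the public REST index, as described under "How the Flaw Works", and is the installed version at or past 3.1.4) can be scripted against a site you administer. The following is an added example, not code from the AI Engine plugin or from Wordfence. It assumes you have saved the JSON your own site serves at /wp-json/ and know the installed plugin version; the "example-ai/v1" namespace, the "no-auth" route and the token value in the sample index are constructed for the example and are not the plugin's real route names.

```python
import json
import re

# Constructed sample of a WordPress REST index (the JSON served at /wp-json/).
# The "example-ai/v1" namespace, the "no-auth" route and the token value are
# made up for this example; they are not the real AI Engine route names.
SAMPLE_REST_INDEX = json.dumps({
    "name": "Example Site",
    "namespaces": ["wp/v2", "example-ai/v1"],
    "routes": {
        "/wp/v2/posts": {
            "namespace": "wp/v2",
            "methods": ["GET", "POST"],
            "endpoints": [{"methods": ["GET"], "args": {"per_page": {"default": 10}}}],
        },
        "/wp/v2/posts/(?P<id>[\\d]+)": {"namespace": "wp/v2", "methods": ["GET"]},
        "/example-ai/v1/no-auth/a3f9c2e7b1d04e6f8a5c7b9d2e1f3a4b": {
            "namespace": "example-ai/v1",
            "methods": ["POST"],
            "endpoints": [{"methods": ["POST"], "args": {}}],
        },
    },
})

# First version that fixes the flaw, as stated in the advisory.
PATCHED_VERSION = (3, 1, 4)

# Heuristic for a secret that leaked into a public route: a long run of
# URL-safe characters that mixes letters and digits. Ordinary route segments
# ("posts", "no-auth", "v1") are short or contain regex syntax, so they are
# not flagged.
_TOKEN_CHARS = re.compile(r"^[A-Za-z0-9_\-]{24,}$")


def looks_like_token(value: str) -> bool:
    return (
        bool(_TOKEN_CHARS.match(value))
        and any(c.isdigit() for c in value)
        and any(c.isalpha() for c in value)
    )


def walk_strings(node):
    """Yield every string nested anywhere inside a JSON value."""
    if isinstance(node, str):
        yield node
    elif isinstance(node, dict):
        for key, value in node.items():
            yield key
            yield from walk_strings(value)
    elif isinstance(node, list):
        for item in node:
            yield from walk_strings(item)


def find_exposed_tokens(index_json: str) -> list:
    """Return (route, value) pairs for token-like strings in a REST index."""
    index = json.loads(index_json)
    findings = []
    for route, descriptor in index.get("routes", {}).items():
        # A No-Auth style URL embeds the secret in the route path itself.
        for segment in route.split("/"):
            if looks_like_token(segment):
                findings.append((route, segment))
        # Also check argument names, defaults and enums in the descriptor.
        for value in walk_strings(descriptor):
            if looks_like_token(value):
                findings.append((route, value))
    return findings


def parse_version(version: str) -> tuple:
    """'3.1.4' -> (3, 1, 4); a pre-release suffix like '-beta' is dropped."""
    return tuple(int(part) for part in re.findall(r"\d+", version))


def is_patched(installed: str) -> bool:
    return parse_version(installed) >= PATCHED_VERSION


def audit(index_json: str, installed_version: str) -> dict:
    """Combine both checks into one verdict for a site you administer."""
    tokens = find_exposed_tokens(index_json)
    patched = is_patched(installed_version)
    actions = []
    if not patched:
        actions.append("update AI Engine to 3.1.4 or later")
    if tokens:
        # A token that was ever public must be rotated, even after updating.
        actions.append("rotate the bearer token in the plugin settings")
    return {"patched": patched, "exposed_tokens": tokens, "actions": actions}


if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE_REST_INDEX, "3.1.3"), indent=2))
```

Run it against the real index by replacing SAMPLE_REST_INDEX with the contents of your own /wp-json/ response and the version shown on your Plugins page. A finding means the token was public at some point, so the rotation step applies even after the update; the heuristic is deliberately broad and a flagged value should be confirmed by eye rather than assumed to be the plugin's token.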
Do not delay remediation. This critical vulnerability provides a direct path for attackers to achieve a full site compromise. Wordfence is actively monitoring for attacks, and its firewall rules provide an important layer of defense. However, updating the plugin and rotating the token are the only ways to fully resolve the issue.
As AI tools become more integrated with WordPress, vulnerabilities like this highlight the critical need for administrators to stay vigilant with updates and security best practices.