CVE-2026-1400 in AI Engine Plugin

Summary

by MITRE • 01/28/2026

The AI Engine – The Chatbot and AI Framework for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the `rest_helpers_update_media_metadata` function in all versions up to, and including, 3.3.2. This makes it possible for authenticated attackers, with Editor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. The attacker can upload a benign image file, then use the `update_media_metadata` endpoint to rename it to a PHP file, creating an executable PHP file in the uploads directory.


Analysis

by VulDB Data Team • 01/29/2026

The vulnerability identified as CVE-2026-1400 affects the AI Engine – The Chatbot and AI Framework for WordPress plugin, a widely used WordPress plugin that integrates artificial intelligence capabilities into websites. The flaw resides in the `rest_helpers_update_media_metadata` function, which handles media metadata updates through the WordPress REST API, and it affects every installation where the plugin is active and properly configured. It is classified under CWE-434 (Unrestricted Upload of File with Dangerous Type), which covers insecure file uploads, so it is a direct threat to the web application as a whole rather than only to the plugin's AI features.

The exploitation mechanism stems from the absence of file type validation in the media handling function. When an authenticated user with Editor-level permissions or higher updates media metadata through the REST API endpoint, the plugin does not verify the extension or MIME type implied by the new file name. An attacker can therefore upload a harmless image through the normal upload path, which is validated, and then use the metadata update to rename that attachment to an executable PHP extension. Legitimate upload functionality thus becomes a vector for deploying code, because the rename step accepts the new file type without sanitization.

The operational impact goes well beyond a simple file upload and creates a severe risk of remote code execution on affected WordPress installations. An attacker with Editor-level access or higher can place PHP shell files or other malicious code in the WordPress uploads directory, which is normally web-accessible and served directly. This allows complete compromise of the affected website: executing arbitrary commands on the server, stealing sensitive data, defacing content, or establishing persistent backdoors. Exploitation requires only Editor-level privileges rather than administrator access, yet it can have catastrophic consequences for the entire website infrastructure.

Organizations and WordPress administrators should mitigate this vulnerability immediately, first by updating the plugin to a release later than 3.3.2 in which the issue is resolved. The vendor-provided patch introduces proper file type validation and sanitization within the `rest_helpers_update_media_metadata` function. In addition, restricting access to the WordPress REST API endpoints for users who do not need them, disabling unnecessary media metadata update capabilities, and regularly auditing installed plugins can significantly reduce the attack surface. This vulnerability aligns with ATT&CK technique T1190 (Exploit Public-Facing Application) and is a classic example of how insufficient input validation can lead to severe privilege escalation and remote code execution.
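As an added example (not code from the plugin or from VulDB), the validation that the advisory says is missing from the rename path, written in Python as a portable reference rather than the plugin's PHP, plus a small access-log scan for the pattern the summary describes: a call to the `update_media_metadata` endpoint followed by a request for a PHP file under the uploads directory. The REST route namespace, the allowlist of media extensions and the log lines are constructed assumptions; the plugin's real route and internals are not on this page.

```python
import re

# Extensions the web server would execute if they land under wp-content/uploads
EXECUTABLE_EXTS = {"php", "php3", "php4", "php5", "php7", "phtml", "phar", "phps"}
# Media types an Editor may legitimately keep after a rename (assumed allowlist)
MEDIA_EXTS = {"jpg", "jpeg", "png", "gif", "webp", "mp4", "pdf"}

def is_safe_rename(old_name: str, new_name: str) -> bool:
    """The check the advisory says the metadata update lacks: allow the rename only
    if the new name cannot turn the attachment into executable code."""
    if "/" in new_name or "\\" in new_name or ".." in new_name:
        return False  # no path components or traversal in an attachment file name
    parts = new_name.lower().split(".")
    if len(parts) < 2 or not all(parts):
        return False  # needs a base name and at least one non-empty extension
    exts = parts[1:]
    if any(ext in EXECUTABLE_EXTS for ext in exts):  # every segment is checked,
        return False                                  # so shell.php.jpg is rejected too
    # a rename must not change the type the original upload was validated as
    return exts[-1] in MEDIA_EXTS and exts[-1] == old_name.lower().rsplit(".", 1)[-1]

# Combined/common log format: ip ident user [time] "METHOD path proto" status ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

def find_rename_abuse(log_lines):
    """Flag clients that called the update_media_metadata endpoint and afterwards
    fetched a PHP file from the uploads directory; returns [(ip, path), ...]."""
    renamers, hits = set(), []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, method, path, _status = m.groups()
        if method in ("POST", "PUT", "PATCH") and "update_media_metadata" in path:
            renamers.add(ip)
        elif ip in renamers and "/wp-content/uploads/" in path:
            ext = path.split("?")[0].rsplit(".", 1)[-1].lower()
            if ext in EXECUTABLE_EXTS:
                hits.append((ip, path))
    return hits

# Constructed sample log; PLUGIN_NS stands in for the plugin's real REST namespace
SAMPLE_LOG = [
    '203.0.113.9 - - [28/Jan/2026:10:00:01 +0000] "POST /wp-json/PLUGIN_NS/update_media_metadata HTTP/1.1" 200 93',
    '198.51.100.4 - - [28/Jan/2026:10:00:02 +0000] "GET /wp-content/uploads/2026/01/banner.jpg HTTP/1.1" 200 48211',
    '203.0.113.9 - - [28/Jan/2026:10:00:05 +0000] "GET /wp-content/uploads/2026/01/avatar.php HTTP/1.1" 200 311',
    '198.51.100.4 - - [28/Jan/2026:10:00:09 +0000] "GET /wp-content/uploads/2026/01/old.php HTTP/1.1" 404 0',
]
```

The second client in the sample requests a `.php` path but never touched the metadata endpoint, so it is not reported; on a real server the scan should be paired with a listing of executable files under the uploads directory, since a hit in the log means the file is already there.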

Disclosure

01/28/2026

Moderation

accepted

CPE

ready

EPSS

0.00134

KEV

no

Activities

very low

Sources
