AI Power: Complete AI Pack WordPress Plugin PHP Object Injection Vulnerability

A PHP Object Injection vulnerability has been identified in the 'AI Power: Complete AI Pack' WordPress plugin, affecting versions through 1.8.96. The vulnerability arises from the deserialization of untrusted data in the 'post_content' variable, specifically within the 'wpaicg_export_prompts' function. This flaw allows authenticated attackers with administrative privileges to inject PHP objects. While the vulnerable plugin does not have an inherent Property-Oriented Programming (POP) chain, the presence of one through an additional plugin or theme could enable the attacker to delete arbitrary files, access sensitive information, or execute code.

Impact

Exploitation of this vulnerability could lead to unauthorized PHP object injection, with the potential for additional impacts if a POP chain is established through other plugins or themes.

Reproduction

To reproduce this vulnerability, an authenticated user with administrative privileges can use the 'wpaicg_export_prompts' function, which will process untrusted input from the 'post_content' variable. This can be done by creating or editing a post with crafted content that exploits the deserialization vulnerability.

Remediation

Users are advised to update the 'AI Power: Complete AI Pack' WordPress plugin to version 1.8.97 or later.