WordPress AI Engine Plugin Sensitive Information Exposure Vulnerability

Vulnerability

A vulnerability allowing sensitive information exposure has been identified in the AI Engine plugin for WordPress, affecting all versions through 2.9.4. The issue arises in the simpleTranscribeAudio endpoint, which does not properly validate URL schemes before invoking the get_audio() function. This flaw enables authenticated attackers with Subscriber-level access or higher to read any file on the web server and exfiltrate it using the plugin's OpenAI API integration.

Impact

Exploitation of this vulnerability allows authenticated users to read arbitrary files from the server and send the contents to an external location via the OpenAI API.

Reproduction

To reproduce this vulnerability, an authenticated user with Subscriber-level access or higher can send a request to the 'simpleTranscribeAudio' endpoint whose 'url' parameter lacks a valid URL scheme and instead points to a file on the server. Because 'get_audio()' is called with this unvalidated URL, the file is read and its contents are exfiltrated via the OpenAI API.

Remediation

Users are advised to update the AI Engine plugin to version 2.9.5 or later, where this vulnerability has been patched.
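As an added illustration of the class of fix described above (example code, not the AI Engine plugin's own implementation), a WordPress-style fetch helper that enforces an http/https scheme allow-list and WordPress core's wp_http_validate_url() before any server-side retrieval; the function names are hypothetical.

```php
<?php
// Added example, not the AI Engine plugin's code: fetch audio only from an
// explicitly allowed remote URL. A bare server path such as /etc/passwd has
// no scheme and is rejected, as are non-HTTP schemes (file://, php://, data:).
// wp_http_validate_url() additionally rejects malformed URLs, credentials in
// the URL, and hosts that resolve to loopback or private address ranges.
// The function names below are hypothetical.

/**
 * Return the URL if it is acceptable for a server-side fetch, or a WP_Error.
 */
function example_validate_audio_url( $url ) {
    $url = trim( (string) $url );

    // Missing or unknown scheme: only http and https are allowed.
    $scheme = wp_parse_url( $url, PHP_URL_SCHEME );
    if ( ! in_array( strtolower( (string) $scheme ), array( 'http', 'https' ), true ) ) {
        return new WP_Error( 'invalid_scheme', 'Only http and https URLs are accepted.' );
    }

    // WordPress core check: well-formed http(s) URL pointing at a public host
    // (private and loopback addresses are refused unless a filter allows them).
    if ( ! wp_http_validate_url( $url ) ) {
        return new WP_Error( 'invalid_url', 'URL failed WordPress HTTP validation.' );
    }

    return $url;
}

/**
 * Hypothetical replacement for an unvalidated read of user-supplied input:
 * retrieve over HTTP only after validation, never via file_get_contents().
 */
function example_fetch_remote_audio( $url ) {
    $checked = example_validate_audio_url( $url );
    if ( is_wp_error( $checked ) ) {
        return $checked;
    }

    // Redirects are not followed, so a validated public URL cannot bounce the
    // request to an internal host after the check has passed.
    $response = wp_remote_get( $checked, array( 'timeout' => 20, 'redirection' => 0 ) );
    if ( is_wp_error( $response ) ) {
        return $response;
    }

    return wp_remote_retrieve_body( $response );
}
```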

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating (Custom Algorithm)

spread: 1.0
impact: 3.3
exploitability: 6.4
remediation: 7.7
relevance: 0.3
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.