CVE-2025-11749

The AI Engine plugin for WordPress

A critical vulnerability has been identified in the AI Engine plugin for WordPress, rated with a CVSS score of 9.8.

Executive summary

The AI Engine plugin for WordPress exposes a sensitive API credential, known as the 'Bearer Token', to anyone who can reach the site: an unauthenticated attacker can read it with a single HTTP request, which is why the flaw carries a CVSS score of 9.8. Successful exploitation could lead to unauthorized use of the associated AI service, resulting in significant financial costs, potential data exposure, and reputational damage.

Vulnerability

The vulnerability exists within a custom REST API endpoint, /mcp/v1/, registered by the AI Engine plugin. WordPress serves custom REST namespaces under /wp-json/ (so the route is reachable as /wp-json/mcp/v1/), or through the ?rest_route=/mcp/v1/ query form when pretty permalinks are disabled; both forms reach the same handler. The endpoint fails to implement proper authentication or authorization checks, making it publicly accessible. An unauthenticated attacker can send a single unauthenticated request to this endpoint and receive a response that improperly includes the 'Bearer Token' (API key) used to authenticate with the backend AI service (e.g., OpenAI). The attacker can then present this token directly to the AI service and make authenticated requests as if they were the vulnerable website.

Business impact

This vulnerability is of critical severity with a CVSS score of 9.8, reflecting the ease of exploitation (one unauthenticated request, no user interaction) and the high potential for impact. An attacker who obtains the Bearer Token can abuse the associated AI service account, leading to significant and unexpected financial costs due to fraudulent API consumption. Furthermore, depending on the permissions granted to the token, the attacker could access or manipulate data processed by the AI service, potentially leading to a breach of sensitive information. The result can be severe reputational harm, financial loss, and disruption of the AI-powered features on the website.

Remediation

Immediate Action: Update the AI Engine plugin for WordPress to the latest version, which contains the patch for this vulnerability. After updating, it is crucial to rotate the exposed API key/Bearer Token within your AI service provider's dashboard to invalidate the compromised credential. Rotate only after the patch is in place: a token rotated while the endpoint is still exposed is simply leaked again on the next request.

Proactive Monitoring: Review web server access logs for any requests made to the /mcp/v1/ endpoint, in both its /wp-json/mcp/v1/ and ?rest_route=/mcp/v1/ forms, paying particular attention to requests that predate the update. Monitor the API usage and billing dashboards of your AI service provider for any unusual spikes in activity or cost that could indicate a compromise.

Compensating Controls: If immediate patching is not feasible, implement a Web Application Firewall (WAF) rule to block all external access to the /mcp/v1/ REST API endpoint. Alternatively, configure your web server (e.g., Nginx, Apache) to deny access to this specific path. Whichever layer you choose, make sure the rule covers both the /wp-json/mcp/v1/ path and the ?rest_route=/mcp/v1/ query form, otherwise the block is trivially bypassed.
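A WordPress-level compensating control that covers both the blocking and the monitoring steps above, as an added example; this is not code from the AI Engine plugin or its author. It is a must-use plugin (a single file placed in wp-content/mu-plugins/) that short-circuits REST dispatch for the mcp/v1 namespace and logs every blocked attempt with the client address, so it works whichever URL form the caller uses and does not depend on web server configuration. The route prefix /mcp/v1 is taken from the advisory; the file, function and constant names are hypothetical.

```php
<?php
/**
 * Plugin Name: Temporary mcp/v1 lockdown (CVE-2025-11749 compensating control)
 * Description: Added example, not part of the AI Engine plugin. Denies every
 *              REST request to the mcp/v1 namespace and logs the attempt.
 *
 * Install: copy to wp-content/mu-plugins/mcp-lockdown.php. Must-use plugins
 * load before regular plugins and cannot be deactivated from the dashboard.
 * Remove the file once the plugin is updated and the token has been rotated.
 */

// Route prefix assumed from the advisory. WordPress exposes it as
// /wp-json/mcp/v1/... or ?rest_route=/mcp/v1/...; WP_REST_Request::get_route()
// returns the same "/mcp/v1/..." string for both forms, so one check covers both.
const MCP_LOCKDOWN_ROUTE_PREFIX = '/mcp/v1';

/**
 * True when a REST route is the locked-down namespace or anything beneath it.
 * The trailing-slash comparison avoids matching an unrelated "/mcp/v10" route.
 */
function mcp_lockdown_matches_route( string $route ): bool {
    $prefix = MCP_LOCKDOWN_ROUTE_PREFIX;
    if ( $route === $prefix || $route === $prefix . '/' ) {
        return true;
    }
    return strncmp( $route, $prefix . '/', strlen( $prefix ) + 1 ) === 0;
}

/**
 * rest_pre_dispatch filter: returning a non-null value stops WordPress from
 * calling the plugin's endpoint handler at all, so the token is never rendered.
 * Every blocked attempt is written to the PHP error log with method, route and
 * client address so it can be correlated with the web server access logs.
 */
function mcp_lockdown_pre_dispatch( $result, $server, $request ) {
    if ( null !== $result ) {
        return $result; // an earlier filter already produced a response
    }
    $route = $request->get_route();
    if ( ! mcp_lockdown_matches_route( $route ) ) {
        return null; // not our namespace, let WordPress dispatch normally
    }
    $ip = isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown';
    error_log( sprintf(
        'mcp_lockdown: blocked %s %s from %s',
        $request->get_method(),
        $route,
        $ip
    ) );
    return new WP_Error(
        'mcp_lockdown_forbidden',
        'This endpoint is temporarily disabled.',
        array( 'status' => 403 )
    );
}
add_filter( 'rest_pre_dispatch', 'mcp_lockdown_pre_dispatch', 10, 3 );
```

This denies the namespace to everyone, including logged-in administrators, which matches the "block all external access" guidance above; if a trusted MCP client must keep working while you wait for a maintenance window, add an allow-list on REMOTE_ADDR before the error_log call rather than relaxing the check for authenticated users. The log lines it emits do not replace the review of historical access logs, which is the only way to see requests made before the control was deployed.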

Exploitation status

Public Exploit Available: false

Analyst recommendation

Given the critical CVSS score of 9.8 and the fact that this vulnerability can be exploited by an unauthenticated attacker, immediate action is required. We strongly recommend that all organizations using the affected AI Engine plugin for WordPress apply the available security update immediately. Following the update, the API key must be rotated to ensure any previously exposed credentials cannot be used. Although this CVE is not currently on the CISA KEV list, its severity warrants treating it with the highest priority for remediation.