A critical security flaw has been found in the popular AI Engine plugin for WordPress — currently active on more than 100,000 websites. This marks the fifth vulnerability reported in the plugin this year, and the fourth one just in July. What makes this worse? Even low-level users with subscriber access can upload malicious files directly to the server. If you’re using this plugin to power AI features on your WordPress site, this one’s too close for comfort. But it doesn’t stop there. A separate vulnerability has now been flagged in Customer Reviews for WooCommerce, another widely used plugin running on over 80,000 eCommerce sites. This one leaves them open to stored cross-site scripting (XSS) attacks. And if you’re thinking, “I don’t use WordPress, so I’m good”—think again. Wix just faced a major authentication flaw through its Base44 platform, exposing serious risks even in enterprise-grade apps. ## AI Engine Plugin Vulnerability Exposes 100,000+ WordPress Sites In what’s become an unsettlingly frequent occurrence, the AI Engine WordPress plugin installed on over 100,000 sites was found to harbor its fifth major vulnerability this year, and the fourth one just this July. ![AI Engine Plugin Vulnerability](https://www.stanventures.com/news/wp-content/uploads/2025/07/AI-Engine-Plugin-Vulnerability.png) This time, the flaw allows subscriber-level users, usually the lowest tier of access on a site to upload arbitrary files via the REST API, a vector that could potentially lead to remote code execution. How bad is it? CVSS Score: 8.8/10 — high severity. ### The underlying issue?  Missing file type validation in versions 2.9.3 and 2.9.4 of the plugin. When WordPress allows file uploads, it usually validates the type of the file against its content and extension. But here, that step was skipped, making it dangerously easy for attackers to upload PHP files disguised as legitimate content. Imagine that a seemingly harmless subscriber uploads a corrupted audio file or image. In the backend, it is not just a file but a backdoor script. Here is what [Wordfence said](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/ai-engine/ai-engine-293-294-authenticated-subscriber-arbitrary-file-upload) in its advisory: “This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site’s server when the REST API is enabled, which may make remote code execution possible.” This is not just theoretical. The plugin had nine vulnerabilities discovered in 2024 which includes one rated 9.8, which allowed unauthenticated file uploads and another rated 9.1. This new flaw adds to a growing list that is beginning to concern developers and security experts alike. The plugin’s developer acted swiftly by releasing version 2.9.5, where changes include: - Fixing a server-side request forgery (SSRF) issue in audio transcription. - Sanitizing REST API parameters to prevent API key misuse. - Adding strict file type validation to eliminate arbitrary file uploads. ## WooCommerce Plugin Flaw Affects 80,000 Sites – Unauthenticated Stored XSS And just as WordPress developers were patching AI Engine, another alert came in this time from the Customer Reviews for WooCommerce plugin, active on more than 80,000 websites. This vulnerability is classified as Stored Cross-Site Scripting (XSS). It allows attackers to insert malicious scripts into pages, which then execute every time a user (admin, buyer or site visitor) opens that page. And here is the important thing to understand: that no authentication is required. Literally anyone with access to the plugin’s frontend could exploit it. The flaw lies in the ‘author’ parameter of the plugin’s review submission form, which failed to properly sanitize input and escape output basic but critical security steps. From the Wordfence team: “The plugin is vulnerable to Stored Cross-Site Scripting via the ‘author’ parameter in all versions up to, and including, 5.80.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.” Again, this is the kind of vulnerability that leads to site defacement, data theft or malicious redirects. A single review form field becomes a gateway for attackers to embed JavaScript that logs keystrokes or redirects users to phishing sites. ## Wix’s Base44 Platform Exposes Enterprise-Level Vulnerability Now, let’s take this beyond WordPress. The folks at Wiz Security recently discovered a critical flaw in [Wix’s Base44](https://www.stanventures.com/news/wix-unveils-ai-visibility-overview-for-smarter-search-optimization-3615/) vibe coding platform, which had the potential to bypass authentication systems across enterprise-grade apps. ![Wix’s Base44 Platform Exposes Enterprise Level Vulnerability](https://www.stanventures.com/news/wp-content/uploads/2025/07/Wixs-Base44-Platform-Exposes-Enterprise-Level-Vulnerability.jpg) Let that sink in. Wix, known for its secure and scalable web development offerings, found itself in hot water when application IDs (app_id) supposed to be secret were exposed in public-facing URLs and manifest files. This exposure allowed attackers to: 1. Identify a valid app_id from a public link. 2. Use tools like [Swagger-UI](https://swagger.io/tools/swagger-ui/) to simulate user registration even on apps with registration disabled. 3. Receive an OTP via email. 4. Log in and gain full access via the app’s SSO flow. The applications affected were not toy apps either. Many were used for internal operations like HR management, knowledge bases or employee chat systems systems that handle personally identifiable information (PII) daily. Wiz put it bluntly: “What made this vulnerability particularly concerning was its simplicity which required only basic API knowledge to exploit.” The implication? Systemic ecosystem-level risks from platforms moving too fast and skipping deep security validation. Wix did respond quickly, patching the issue within 24 hours. But the discovery raises an important question: If the manifest.json file publicly revealed the app_id, and it was that easy to spot with basic reconnaissance techniques, why hadn’t it been caught in earlier security audits? Wiz didn’t hold back: “This low barrier to entry meant attackers could systematically compromise multiple applications across the platform with minimal technical sophistication.” ## What is The Real Threat Here? We are seeing a pattern and one that does not end at WordPress or Wix. It is part of a broader issue. - AI integrations are expanding rapidly. - Low-code/no-code platforms are empowering users but sometimes at the [expense of cybersecurity](https://www.stanventures.com/industries/cybersecurity-seo/). - Security measures like file validation, sanitization and hidden keys are being skipped or overlooked. When subscriber-level access or even no access, is enough to exploit a vulnerability, the traditional security models begin to falter. ## Takeaways for Developers, Site Owners and Enterprises 1. **Update Immediately**: If you are using AI Engine, upgrade to version 2.9.5. If you’re on WooCommerce Reviews, upgrade past 5.80.2. 2. **Audit Regularly**: Don’t wait for public disclosures. Conduct security audits even for plugins and apps you trust. 3. **Avoid Complacency with Access Controls**: Don’t assume subscriber-level users pose no threat. 4. **Inspect Public URLs**: If sensitive identifiers are visible, that is a red flag. 5. **Push Vendors for Transparency**: Whether it’s WordPress, Wix or another platform, demand faster disclosure cycles and robust changelogs. ## Systemic Vulnerabilities Are No Longer Rare If 2024 showed signs of rising plugin-related security threats, 2025 is confirming the trend. AI-based plugins, review systems and vibe-coding platforms all promise speed and scale but without parallel advances in security, they can unravel entire ecosystems with a single flaw. But let’s also remember that a plugin that makes life easier can also open the door to something far worse.