CVE-2025-12844 is a deserialization vulnerability classified under CWE-502 found in the tigroumeow AI Engine plugin for WordPress, affecting all versions up to and including 3.1.8. The vulnerability arises from unsafe deserialization of untrusted input in the plugin's REST API endpoints 'rest_simpleTranscribeAudio' and 'rest_simpleVisionQuery'. Specifically, it allows authenticated users with at least Subscriber-level privileges to inject malicious PHP objects via PHAR deserialization. However, the vulnerability alone does not enable exploitation because the plugin lacks a built-in POP (Property Oriented Programming) gadget chain necessary to trigger malicious behavior. Exploitation depends on the presence of another plugin or theme installed on the WordPress site that contains a suitable POP chain. If such a chain exists, attackers can leverage it to perform critical actions such as arbitrary file deletion, sensitive data retrieval, or remote code execution. The CVSS v3.1 base score is 7.1, indicating high severity, with attack vector network-based, requiring low privileges and user interaction. No public exploits are currently known, but the vulnerability poses a significant risk in complex WordPress environments with multiple plugins and themes. The vulnerability was published on November 13, 2025, and is assigned by Wordfence. No patches are currently linked, emphasizing the need for cautious mitigation strategies.

The impact of CVE-2025-12844 is potentially severe for organizations running WordPress sites with the tigroumeow AI Engine plugin alongside other plugins or themes containing exploitable POP chains. Successful exploitation can lead to full compromise of the affected WordPress site, including arbitrary code execution, data theft, and destruction of files. This can result in website defacement, data breaches involving sensitive user or business information, and disruption of services. Since the vulnerability requires authenticated access at Subscriber level or above, attackers may leverage compromised or weak user credentials to initiate attacks. The broad use of WordPress globally, combined with the increasing deployment of AI-related plugins, increases the attack surface. Organizations with high-value websites, e-commerce platforms, or those handling sensitive data are at elevated risk. Additionally, the dependency on other plugins/themes for exploitation complicates detection and remediation, potentially allowing attackers to maintain persistence and evade standard security controls.

To mitigate CVE-2025-12844, organizations should first update the tigroumeow AI Engine plugin to a version that addresses this vulnerability once available. Until a patch is released, administrators should audit all installed plugins and themes to identify and remove or update those containing known POP chains that could be leveraged in exploitation. Restricting REST API access to trusted users and limiting Subscriber-level privileges can reduce the attack surface. Implementing strict user authentication policies, including multi-factor authentication, helps prevent unauthorized access by low-privilege users. Employing Web Application Firewalls (WAFs) with rules to detect and block suspicious deserialization payloads can provide additional protection. Regularly monitoring logs for unusual API activity and performing security scans to detect vulnerable components is essential. Finally, isolating critical WordPress environments and applying the principle of least privilege to plugins and users will minimize potential damage.