CVE-2025-6238 is an open redirect vulnerability (CWE-601) found in version 2.8.4 of the tigroumeow AI Engine plugin for WordPress. The root cause is an insecure OAuth implementation where the 'redirect_uri' parameter is not validated during the OAuth authorization flow. This flaw allows unauthenticated attackers to craft malicious URLs that redirect users to attacker-controlled domains during the OAuth process. By exploiting this, attackers can intercept the authorization code intended for the legitimate site and exchange it for an access token, effectively hijacking user sessions or gaining unauthorized access to protected resources. The vulnerability requires the victim to interact with a malicious link, and the attacker needs only low privileges to initiate the attack. The plugin's OAuth functionality is disabled in version 2.8.5, where the vulnerable 'Meow_MWAI_Labs_OAuth' class is removed, mitigating the issue. The CVSS v3.1 base score is 8.0, reflecting high severity due to the potential for full compromise of confidentiality, integrity, and availability. Although no exploits have been observed in the wild, the vulnerability poses a significant risk to sites using the affected plugin version.

The vulnerability can lead to severe impacts including unauthorized access to user accounts and sensitive data through OAuth token theft. Attackers can impersonate users or escalate privileges, potentially leading to data breaches, unauthorized actions on behalf of users, and disruption of service. Since the plugin is integrated into WordPress sites, which are widely used globally, the scope of affected systems is broad. The compromise of OAuth tokens can also facilitate further attacks within the victim's environment, such as lateral movement or privilege escalation. The requirement for user interaction and low privilege reduces but does not eliminate risk, as phishing or social engineering can be used to lure victims. Organizations relying on this plugin for AI-powered functionality risk exposure of confidential information and loss of trust if exploited.

Organizations should immediately upgrade the tigroumeow AI Engine plugin to version 2.8.5 or later, where the OAuth functionality is disabled and the vulnerable code removed. Until patching is possible, administrators should consider disabling OAuth features or restricting access to the plugin's authorization endpoints via web application firewalls or access control rules. Monitoring web server logs for suspicious redirect attempts or unusual OAuth authorization flows can help detect exploitation attempts. Educating users about phishing risks and suspicious links is critical to reduce successful exploitation via social engineering. Additionally, implementing strict Content Security Policy (CSP) headers and validating all redirect URIs on the server side can provide defense-in-depth. Regular vulnerability scanning and plugin audits should be conducted to identify outdated or vulnerable components.