CVE-2025-6238: CWE-601 URL Redirection to Untrusted Site ('Open Redirect') in tigroumeow AI Engine
The AI Engine plugin for WordPress is vulnerable to open redirect in version 2.8.4. This is due to an insecure OAuth implementation, as the 'redirect_uri' parameter is missing validation during the authorization flow. This makes it possible for unauthenticated attackers to intercept the authorization code and obtain an access token by redirecting the user to an attacker-controlled URI. Note: in the patched version 2.8.5 OAuth is disabled and the 'Meow_MWAI_Labs_OAuth' class is not loaded in the plugin.
AI Analysis
Technical Summary
CVE-2025-6238 is a high-severity vulnerability in version 2.8.4 of the AI Engine plugin for WordPress by tigroumeow. It is classified as an open redirect (CWE-601), but the security-relevant consequence is the classic OAuth redirect_uri weakness: the plugin's authorization endpoint accepts whatever 'redirect_uri' value the request carries without checking it against a URI registered for the client, so an attacker can craft an authorization URL whose redirect_uri points at a host they control. When a victim with a session on the site follows that link and completes the authorization step, the server appends the freshly issued authorization code to the attacker's URI and redirects the victim there, delivering the code to the attacker, who can then exchange it for an access token at the token endpoint and act with whatever access that token grants. The attacker needs no account on the target site; the only precondition is that a victim visits the crafted link, which is why the flaw is rated as requiring user interaction. The assigned CVSS v3.1 score is 8.0 (high). Version 2.8.5 addresses the issue by disabling OAuth: the 'Meow_MWAI_Labs_OAuth' class is simply no longer loaded, so the vulnerable endpoint is not exposed. No exploitation in the wild had been reported at the time of writing. The risk is concentrated on sites that actually use the plugin's OAuth feature, where token theft can translate into access to the victim's account or to whatever the granted scopes cover; as with any open redirect, the unvalidated parameter is also usable on its own to bounce users from a trusted domain to a phishing page.
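As an added illustration that is not code from this page or from AI Engine, the following minimal Python authorization endpoint shows the unvalidated redirect_uri pattern beside the exact-match check that closes it. The client ID, the registered callback, the attacker's URI and the sample request are all constructed for the example; the plugin's real routes and class internals are not modelled.

```python
"""Added example (not code from the page or from the AI Engine plugin): a minimal
OAuth authorization endpoint showing the redirect_uri mistake and its fix.
Client ID, URIs and the sample request are constructed for the demonstration."""
import secrets
from typing import Dict, Optional
from urllib.parse import parse_qs, urlencode, urlsplit, urlunsplit

# Constructed client registry; a real server stores this at client registration time.
REGISTERED_CLIENTS: Dict[str, Dict[str, list]] = {
    "demo-client": {"redirect_uris": ["https://client.example/oauth/callback"]},
}


def issue_code() -> str:
    """Fresh, unguessable authorization code (the value an attacker wants to capture)."""
    return secrets.token_urlsafe(24)


def append_code(redirect_uri: str, code: str, state: Optional[str]) -> str:
    """Return redirect_uri with code (and state, if given) added to its query string."""
    parts = urlsplit(redirect_uri)
    query = parse_qs(parts.query, keep_blank_values=True)
    query["code"] = [code]
    if state is not None:
        query["state"] = [state]
    return urlunsplit(parts._replace(query=urlencode(query, doseq=True)))


def authorize_vulnerable(params: Dict[str, str], code: str) -> Dict[str, object]:
    """The CWE-601 pattern: redirect to whatever redirect_uri the request carries.
    The Location header therefore delivers the code to any host the attacker named."""
    return {"status": 302, "location": append_code(params["redirect_uri"], code, params.get("state"))}


def redirect_uri_is_registered(client_id: str, redirect_uri: str) -> bool:
    """Exact string comparison against the client's pre-registered URIs
    (RFC 6749 section 3.1.2.2). Prefix, substring or host-only matching would
    let lookalike hosts and path tricks through, so none of that is done here."""
    client = REGISTERED_CLIENTS.get(client_id)
    return client is not None and redirect_uri in client["redirect_uris"]


def authorize_hardened(params: Dict[str, str], code: str) -> Dict[str, object]:
    """Fixed pattern: when redirect_uri is not registered, do not redirect at all.
    RFC 6749 section 4.1.2.1 requires an error shown to the user agent instead of a
    redirect, modelled here as a 400 response body with no Location."""
    if not redirect_uri_is_registered(params.get("client_id", ""), params.get("redirect_uri", "")):
        return {
            "status": 400,
            "error": "invalid_request",
            "error_description": "redirect_uri is not registered for this client",
        }
    return {"status": 302, "location": append_code(params["redirect_uri"], code, params.get("state"))}


# Constructed attacker-crafted authorization request. The attacker sends the victim
# a link to the authorize endpoint carrying exactly these parameters.
ATTACK_PARAMS = {
    "response_type": "code",
    "client_id": "demo-client",
    "redirect_uri": "https://attacker.example/collect",
    "state": "xyz",
}

if __name__ == "__main__":
    code = issue_code()
    print("vulnerable server responds:", authorize_vulnerable(ATTACK_PARAMS, code))
    print("hardened server responds:  ", authorize_hardened(ATTACK_PARAMS, code))
```

The hardened handler deliberately returns an error page rather than falling back to a "safe" default redirect: RFC 6749 forbids redirecting to an invalid URI, and any fallback logic is one more place for a bypass to hide. Exact matching also rejects a lookalike host such as client.example.attacker.example and path tricks such as a trailing /../, which host- or prefix-based checks commonly let through.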
Potential Impact
For European organizations running AI Engine 2.8.4 with the plugin's OAuth feature enabled, the risk is substantial. A captured authorization code becomes an access token, and with it the attacker can read or modify whatever data and AI-driven functions the token's scopes expose, up to and including an administrator's privileges if an administrator is the one who follows the crafted link. That can disrupt business operations, expose personal or proprietary information, and damage reputation; under the GDPR a breach involving personal data can also carry significant legal and financial penalties. Organizations that put AI Engine in customer-facing or workflow-critical roles face service disruption and loss of trust. Because the victim has to visit a crafted authorization link, phishing or social engineering is the natural delivery vehicle, and a link on the organization's own trusted domain is an easy lure. Although no active exploitation is currently known, the high CVSS score and the absence of any authentication requirement for the attacker make this worth addressing promptly.
Mitigation Recommendations
Organizations should upgrade the AI Engine plugin to version 2.8.5 or later, where OAuth is disabled and the vulnerable 'Meow_MWAI_Labs_OAuth' class is no longer loaded. If upgrading is not immediately possible, disable the plugin's OAuth feature so the vulnerable authorization endpoint is never reachable; if that is not an option either, deactivate the plugin until it can be updated. Anyone maintaining an OAuth authorization server of their own should apply the standard fix for this class of bug: register each client's redirect URIs in advance, compare the requested redirect_uri against them with an exact string match (RFC 6749 section 3.1.2.2), and on mismatch return an error page rather than redirecting anywhere, since prefix, substring or host-only matching reopens the hole. Clients that use PKCE (RFC 7636) additionally make a stolen authorization code useless to an attacker who does not hold the code verifier. For detection, review web server and plugin logs for requests to the OAuth authorization endpoint whose redirect_uri does not match a registered value, treating a 302 response to such a request as a likely code leak, and remind users that authorization links arriving by email or chat deserve the same suspicion as any other phishing lure. WAF rules for open-redirect patterns (a redirect_uri pointing at an external host) can block opportunistic attempts but are not a substitute for the upgrade. Audit installed WordPress plugins regularly for updates and known vulnerabilities, and after patching revoke any OAuth tokens and authorization codes issued while the vulnerable version was in use, since they may already have been captured.
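For the log-review step, here is an added example (not the page's or the plugin's code) that scans access log lines in the common "combined" format for authorization requests whose redirect_uri is not a registered callback, and separates requests the server actually redirected from ones it refused. The endpoint path /oauth/authorize, the registered URI and the four log lines are constructed assumptions for the demo; the plugin's real route is not known from the page.

```python
"""Added example (not from the page or the plugin): scan web server access logs for
authorization requests whose redirect_uri is not a registered client callback.
The endpoint path, the registered URI and every log line are constructed for the demo;
the path in particular is an assumption, not the plugin's real route."""
import re
from typing import Dict, Iterable, List
from urllib.parse import parse_qs, urlsplit

AUTHORIZE_PATH = "/oauth/authorize"  # assumed path of the vulnerable endpoint
REGISTERED_REDIRECT_URIS = {"https://client.example/oauth/callback"}  # constructed

# Apache/nginx "combined" format: client - user [time] "METHOD target PROTO" status size "ref" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)


def scan_access_log(lines: Iterable[str]) -> List[Dict[str, str]]:
    """Return one finding per authorize request carrying an unregistered redirect_uri.
    A 302 on such a request means the server actually sent the victim (and the code)
    to that URI; any other status means the request was refused and only the attempt
    is of interest."""
    findings: List[Dict[str, str]] = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parseable request line; a real pipeline would count these
        target = urlsplit(m.group("target"))
        if target.path != AUTHORIZE_PATH:
            continue
        query = parse_qs(target.query)  # percent-decodes redirect_uri for us
        redirect_uri = query.get("redirect_uri", [""])[0]
        if redirect_uri in REGISTERED_REDIRECT_URIS:
            continue
        delivered = m.group("status") == "302"
        findings.append({
            "ip": m.group("ip"),
            "time": m.group("ts"),
            "redirect_uri": redirect_uri,
            "status": m.group("status"),
            "verdict": "code delivered to unregistered URI" if delivered else "attempt refused",
        })
    return findings


# Constructed sample log: one legitimate flow, one attack the vulnerable server honoured,
# one lookalike host that a hardened server refused, and an unrelated request.
SAMPLE_LOG = """\
203.0.113.5 - - [04/Jul/2025:02:24:30 +0000] "GET /oauth/authorize?response_type=code&client_id=demo-client&redirect_uri=https%3A%2F%2Fclient.example%2Foauth%2Fcallback&state=s1 HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.7 - - [04/Jul/2025:02:31:02 +0000] "GET /oauth/authorize?response_type=code&client_id=demo-client&redirect_uri=https%3A%2F%2Fattacker.example%2Fcollect&state=xyz HTTP/1.1" 302 0 "-" "Mozilla/5.0"
192.0.2.9 - - [04/Jul/2025:02:40:33 +0000] "GET /oauth/authorize?response_type=code&client_id=demo-client&redirect_uri=https%3A%2F%2Fclient.example.attacker.example%2Foauth%2Fcallback HTTP/1.1" 400 0 "-" "curl/8.0"
203.0.113.5 - - [04/Jul/2025:02:41:10 +0000] "GET /wp-login.php HTTP/1.1" 200 4521 "-" "Mozilla/5.0"
"""

if __name__ == "__main__":
    for finding in scan_access_log(SAMPLE_LOG.splitlines()):
        print(finding)
```

Run it against the real access log of a site that had 2.8.4 deployed to build the list of tokens and sessions to revoke: every 302 finding identifies a victim session whose code reached an attacker-controlled host. Note that the source IP on a 302 finding is the victim's browser, not the attacker's, because the victim is the one who follows the crafted link.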
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: Wordfence
- Date Reserved: 2025-06-18T13:58:33.637Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68673b5e6f40f0eb729e5fac
Added to database: 7/4/2025, 2:24:30 AM
Last enriched: 7/4/2025, 2:40:33 AM
Last updated: 7/8/2025, 2:39:32 PM
Related Threats
- CVE-2025-7524: Command Injection in TOTOLINK T6 (Medium)
- CVE-2025-7012: CWE-59 Improper Link Resolution Before File Access ('Link Following') in Cato Networks Cato Client (High)
- CVE-2025-7523: XML External Entity Reference in Jinher OA (Medium)
- CVE-2025-7522: SQL Injection in PHPGurukul Vehicle Parking Management System (Medium)
- CVE-2025-7521: SQL Injection in PHPGurukul Vehicle Parking Management System (Medium)