
CVE-2026-0746: CWE-918 Server-Side Request Forgery (SSRF) in tigroumeow AI Engine – The Chatbot and AI Framework for WordPress

Severity: Medium
Tags: Vulnerability, CVE-2026-0746, CWE-918
Published: Tue Jan 27 2026 (01/27/2026, 18:27:55 UTC)
Source: CVE Database V5
Vendor/Project: tigroumeow
Product: AI Engine – The Chatbot and AI Framework for WordPress

Description

CVE-2026-0746 is a Server-Side Request Forgery (SSRF) vulnerability in the AI Engine WordPress plugin (versions up to and including 3.3.2). It allows authenticated users with Subscriber-level access or higher to make arbitrary web requests from the server via the 'get_audio' function. Exploitation requires the plugin's 'Public API' to be enabled and the server's PHP 'allow_url_fopen' setting to be On. A successful attack can be used to scan the internal network and read from, or in some cases write to, services that trust requests originating from the web server, so confidentiality and integrity are affected. The CVSS 3.1 base score is 6.4 (medium), reflecting network exploitability with low privileges and no user interaction. No public exploit was known at the time of publication. European organizations running this plugin on public-facing WordPress sites with the Public API enabled are at risk, and the Subscriber prerequisite is no real barrier on sites that allow open registration.

AI-Powered Analysis

AI analysis last updated: 02/04/2026, 09:31:11 UTC

Technical Analysis

CVE-2026-0746 is a Server-Side Request Forgery (SSRF) vulnerability in the AI Engine plugin for WordPress, a chatbot and AI framework used to add conversational and generative features to sites. It affects all versions up to and including 3.3.2 and sits in the 'get_audio' function. SSRF lets an attacker make the server issue HTTP requests to destinations of the attacker's choosing, including internal or otherwise protected services that are not reachable from the outside. Here the attacker needs an account with at least Subscriber privileges, the lowest standard WordPress role; on sites with open registration that is effectively no barrier, and elsewhere such accounts are the easiest to obtain or compromise. Two further conditions apply: the plugin's 'Public API' feature must be enabled, and PHP's 'allow_url_fopen' must be On. That directive controls whether PHP's stream wrappers (file_get_contents, fopen and similar) may open http:// and https:// URLs, so its presence among the prerequisites suggests the affected code path fetches through those wrappers rather than through cURL or the WordPress HTTP API. A practical consequence is that the PHP http wrapper follows redirects by default, so any check applied only to the initial URL can be bypassed by a public host that redirects to an internal address unless redirect handling is also controlled. When the conditions hold, a caller can point 'get_audio' at internal services, read what they return and, where those services accept state-changing requests without further authentication, modify data. Confidentiality and integrity are affected; availability is not. The CVSS 3.1 base score of 6.4 reflects network attack vector, low attack complexity, low privileges required, no user interaction and a changed scope, because the compromised component (the web server) is used to reach other components; this is consistent with the vector AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N. No public exploit had been reported at the time of analysis, but the plugin's popularity makes sites exposing the Public API worthwhile targets. The CVE was published on January 27, 2026; the record carried no patch links at the time of this analysis, so until a fixed release is confirmed, mitigation rests on configuration changes and access control.
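The destination check that any caller-supplied-URL fetch needs, written here as an added example in Python rather than the plugin's PHP. This is not code from AI Engine and does not show how 'get_audio' is implemented; the hostnames and the DNS table it resolves against are constructed so that it runs offline.

```python
"""Destination validation before a server-side fetch, as a defence against SSRF.

Added example; not code from the AI Engine plugin. It restricts the scheme,
resolves the host, refuses every resolved address that falls in loopback,
link-local (which covers the cloud metadata address 169.254.169.254),
private, CGNAT, multicast or IPv4-mapped ranges, and returns the pinned IP
so the caller connects to the address that was checked instead of resolving
again (re-resolving would reopen a DNS-rebinding window). The resolver is
injectable so the example runs against a constructed table.
"""
import ipaddress
import socket
from typing import Callable, Dict, List
from urllib.parse import urlsplit

# Ranges a public web server should never be asked to fetch from.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "224.0.0.0/4", "240.0.0.0/4",
    "::/128", "::1/128", "fc00::/7", "fe80::/10", "::ffff:0:0/96",
)]


class UnsafeDestination(ValueError):
    """Raised when a URL must not be fetched by the server."""


def is_blocked_address(ip_text: str) -> bool:
    """True if the literal IP falls inside any blocked range."""
    ip = ipaddress.ip_address(ip_text)
    return any(ip in net for net in BLOCKED_NETWORKS)


def system_resolver(host: str) -> List[str]:
    """Resolve with the OS resolver and return every A/AAAA answer.
    getaddrinfo also normalises obfuscated literals such as '2130706433'
    or '0x7f.0.0.1' to 127.0.0.1, so the range check still catches them."""
    infos = socket.getaddrinfo(host, None, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def pin_public_destination(
    url: str, resolver: Callable[[str], List[str]] = system_resolver
) -> Dict[str, object]:
    """Validate url and return the pinned target (scheme, host, ip, port).

    Every resolved address is checked, not just the first, so a name that
    answers with one public and one internal record is rejected outright.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise UnsafeDestination(f"scheme not allowed: {parts.scheme!r}")
    if parts.username or parts.password:
        raise UnsafeDestination("credentials in the URL are not allowed")
    host = parts.hostname
    if not host:
        raise UnsafeDestination("missing host")
    try:
        addresses = [str(ipaddress.ip_address(host))]   # literal IP in the URL
    except ValueError:
        addresses = resolver(host)                      # a name: resolve it
    if not addresses:
        raise UnsafeDestination(f"{host!r} did not resolve")
    for address in addresses:
        if is_blocked_address(address):
            raise UnsafeDestination(f"{host!r} resolves to blocked address {address}")
    try:
        port = parts.port or (443 if parts.scheme == "https" else 80)
    except ValueError as exc:
        raise UnsafeDestination("invalid port") from exc
    return {"scheme": parts.scheme, "host": host, "ip": addresses[0], "port": port}


def is_fetchable(url: str, resolver: Callable[[str], List[str]] = system_resolver) -> bool:
    """Boolean wrapper for callers that only need an allow/deny decision."""
    try:
        pin_public_destination(url, resolver)
        return True
    except UnsafeDestination:
        return False


# Constructed DNS table for offline use; production code uses system_resolver.
CONSTRUCTED_DNS = {
    "api.example.com": ["203.0.113.10"],
    "rebind.example.net": ["203.0.113.20", "10.0.0.5"],  # one public, one internal answer
}


def constructed_resolver(host: str) -> List[str]:
    return CONSTRUCTED_DNS.get(host, [])


if __name__ == "__main__":
    for candidate in (
        "https://api.example.com/audio.mp3",
        "http://rebind.example.net/audio.mp3",
        "http://127.0.0.1:8080/admin",
        "http://169.254.169.254/latest/meta-data/",
        "http://[::ffff:10.0.0.1]/",
        "file:///etc/passwd",
    ):
        try:
            print("allow ", candidate, pin_public_destination(candidate, constructed_resolver))
        except UnsafeDestination as exc:
            print("reject", candidate, "->", exc)
```

The caller must then connect to the returned ip (sending the original host in the Host header and SNI), disable automatic redirect following, and run each redirect target through the same check; a stream-wrapper fetch that follows redirects on its own would undo the validation.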

Potential Impact

For European organizations, this SSRF vulnerability presents a moderate risk, primarily to websites running the AI Engine WordPress plugin with the Public API enabled. Exploitation lets an attacker bypass perimeter defences and reach services that trust the web server, exposing internal data and offering a foothold for lateral movement. That is most serious for organizations with internal APIs or microservice architectures behind the web tier, and on cloud-hosted instances the instance metadata service is a classic SSRF target because it can hand out credentials to anything that can reach it. Confidentiality is at risk because internal endpoints may return sensitive information; integrity is at risk where internal services accept state-changing requests without further authentication. Availability is not directly affected, but a successful SSRF is often the first step in a more damaging chain. Organizations that rely on WordPress for customer interaction, e-commerce or internal portals should pay particular attention. The risk is amplified because 'allow_url_fopen' is On in the stock PHP configuration, so many hosts meet that precondition without anyone having chosen it. Given the medium CVSS score and the need for an authenticated account, the threat is moderate but should not be underestimated, especially in sectors subject to strict data-protection obligations such as GDPR: Subscriber-level accounts are cheap to create on sites with open registration and are the easiest to compromise elsewhere.

Mitigation Recommendations

To mitigate this vulnerability, organizations should first audit their WordPress installations for the AI Engine plugin and record the version in use; any installation at 3.3.2 or earlier needs attention. Disable the plugin's 'Public API' feature unless it is required, since it is a precondition for the exploit. Set 'allow_url_fopen' to Off in the PHP configuration unless something on the host genuinely needs it; this removes the second precondition, but note that the directive governs only PHP's stream wrappers, so it offers no protection against SSRF in code that fetches through cURL or the WordPress HTTP API and must not be treated as a general SSRF defence. Because every precondition here is about what the web server can reach, the most durable control is egress filtering: deny the web server connections to loopback, link-local, RFC 1918 and any other internal ranges it has no business contacting, including the cloud instance metadata address 169.254.169.254 (where that address cannot be blocked, enforce the hardened metadata variant your provider offers, such as AWS IMDSv2 with a hop limit of 1). Require authentication on internal services themselves so that a request originating from the web server is not implicitly trusted. Employ a Web Application Firewall with rules for SSRF patterns in request parameters (internal IP literals, localhost, metadata addresses, unexpected URL schemes), and monitor outbound connections from the web server for internal destinations or unexpected external domains. Upgrade to a fixed plugin release as soon as one is published and maintain a regular patch cadence. Reduce the pool of low-privilege accounts an attacker can use: disable open registration if it is not needed, enforce strong authentication, and review what Subscriber-level users can do. Finally, include SSRF cases in regular security assessments and penetration tests of web applications.


Technical Details

Data Version
5.2
Assigner Short Name
Wordfence
Date Reserved
2026-01-08T19:06:51.188Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 6979058d4623b1157c3e03ef

Added to database: 1/27/2026, 6:35:57 PM

Last enriched: 2/4/2026, 9:31:11 AM

Last updated: 2/7/2026, 4:30:58 AM

