CVE-2025-6238

8.0 HIGH

📋 TL;DR

The AI Engine WordPress plugin, version 2.8.4, contains an open redirect in its OAuth implementation (labs/oauth.php): the redirect_uri supplied to the authorization flow is not validated against the site's own host. An unauthenticated attacker can craft an authorization link that sends the victim's browser, and potentially the resulting authorization code, to an attacker-controlled host, and then exchange that code for an access token. Every WordPress site running 2.8.4 of the plugin is affected.

💻 Affected Systems

Products:
  • AI Engine WordPress Plugin
Versions: 2.8.4
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects sites with the vulnerable plugin version installed. The OAuth feature was disabled in the patched version.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker lures a user into starting the OAuth flow with a crafted redirect_uri, receives the authorization code on their own server, and exchanges it for an access token issued for that user. The same redirect can drop users on phishing pages that capture credentials or serve malware, all behind a link that begins with the trusted site's domain.

🟠 Likely Case

Attackers use the trusted domain in phishing links that bounce victims to credential-harvesting pages or other social-engineering lures.

🟢 If Mitigated

Limited impact once the plugin is updated to 2.8.5 (which disables the OAuth feature) or the OAuth handler is blocked. User awareness training and multi-factor authentication reduce the payoff of credential phishing but do not prevent authorization-code interception, so they are not a substitute for the patch.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ❌ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Open redirects are staple material for phishing campaigns and need no special tooling: the attacker only has to build an authorization link whose redirect_uri points at a host they control. Exploitation requires user interaction (the victim clicking that link).

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.8.5

Vendor Advisory: https://plugins.trac.wordpress.org/changeset/3321384/ai-engine/trunk/labs/oauth.php (the patch changeset; it disables the OAuth handler rather than adding redirect_uri validation)

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find the AI Engine plugin.
4. Click 'Update Now' if available, or manually update to version 2.8.5.
5. Verify the update completed successfully.

🔧 Temporary Workarounds

Disable AI Engine Plugin

linux

Temporarily disable the vulnerable plugin until patched

wp plugin deactivate ai-engine

Block Suspicious Redirects

all

Configure a WAF or security plugin to drop requests to the plugin's OAuth endpoint whose redirect_uri resolves to a host other than your own. Compare the URL-decoded hostname, not a substring of the parameter: a substring allowlist still passes look-alike hosts (yourdomain.com.attacker.example), userinfo tricks (yourdomain.com@attacker.example) and scheme-relative values (//attacker.example).

🧯 If You Can't Patch

  • Do not rely on Content Security Policy: CSP governs what a page may load, not where a server-issued HTTP 302 may send the browser, so it does nothing against this bug
  • If the OAuth feature is not in use, block requests to the plugin's OAuth endpoint at the web server or WAF until the plugin can be updated
  • Deploy web application firewall rules that reject OAuth requests whose decoded redirect_uri host is not your own domain

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > AI Engine > Version. If version is 2.8.4, system is vulnerable.

Check Version:

wp plugin get ai-engine --field=version

Verify Fix Applied:

Verify plugin version is 2.8.5 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Requests to the plugin's OAuth authorization endpoint whose redirect_uri, after URL-decoding, points at a host other than your own (including look-alike hosts such as yourdomain.com.attacker.example, userinfo forms such as yourdomain.com@attacker.example, and scheme-relative values such as //attacker.example)
  • Bursts of OAuth authorization requests from a single client IP or user agent
  • Authorization flows that start but never complete a token exchange from your site

Network Indicators:

  • HTTP 302 responses whose Location header points to an external domain. The Location header is not part of the default combined log format; add it (Apache: %{Location}o in LogFormat; nginx: $sent_http_location in log_format) or match on the request's redirect_uri parameter instead
  • OAuth authorization flows terminating at endpoints you did not register

SIEM Query:

source="web_server" url="*redirect_uri=*"
    NOT url="*redirect_uri=https://expected-domain.com/*"
    NOT url="*redirect_uri=https%3A%2F%2Fexpected-domain.com%2F*"

The trailing slash after the host is what keeps look-alike hosts (expected-domain.com.attacker.example) and userinfo forms (expected-domain.com@attacker.example) out of the allowlist; the percent-encoded form has to be listed separately because the substring match does not decode the URL. Replace expected-domain.com with your site's hostname, and treat the query as a first pass: a substring match still cannot handle double encoding or backslash variants.
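A substring match in a SIEM query is a coarse filter. The script below is an added example for this advisory, not code from the AI Engine plugin or from the page's author: it implements the hostname comparison that both the "Block Suspicious Redirects" workaround above and the detection logic in this section call for, and runs it over constructed access-log lines. The combined log format, the `/oauth/authorize` path, the hostname `expected-domain.com` and every log line are assumptions for illustration; the path is a placeholder, not the plugin's real route.

```python
"""Flag OAuth requests whose redirect_uri would leave the site.

Added example for this advisory; not code from the AI Engine plugin.
Assumptions: Apache/nginx "combined" access-log format, one legitimate
host (SITE_HOST), and a placeholder endpoint path. The sample log lines
are constructed for illustration.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

SITE_HOST = "expected-domain.com"  # assumption: the site's own hostname

# combined format: ip ident user [ts] "METHOD path proto" status bytes ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3}) \S+'
)

# Constructed sample; /oauth/authorize is a placeholder, not the plugin's route.
SAMPLE_LOG = """\
203.0.113.7 - - [18/Jun/2025:10:00:01 +0000] "GET /oauth/authorize?client_id=abc&redirect_uri=https%3A%2F%2Fexpected-domain.com%2Fcallback HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.9 - - [18/Jun/2025:10:00:02 +0000] "GET /oauth/authorize?client_id=abc&redirect_uri=https%3A%2F%2Fexpected-domain.com.evil.example%2Fcb HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.9 - - [18/Jun/2025:10:00:03 +0000] "GET /oauth/authorize?client_id=abc&redirect_uri=%2F%2Fevil.example%2F HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.9 - - [18/Jun/2025:10:00:04 +0000] "GET /oauth/authorize?client_id=abc&redirect_uri=https%3A%2F%2Fexpected-domain.com%40evil.example%2F HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.7 - - [18/Jun/2025:10:00:05 +0000] "GET /oauth/authorize?client_id=abc&redirect_uri=%2Fwp-admin%2F HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.9 - - [18/Jun/2025:10:00:06 +0000] "GET /oauth/authorize?client_id=abc&redirect_uri=https%253A%252F%252Fevil.example%252F HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.4 - - [18/Jun/2025:10:00:07 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""


def _fully_decode(value: str, rounds: int = 3) -> str:
    """Undo up to `rounds` layers of percent-encoding (double encoding is common)."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def redirect_uri_is_external(value: str, site_host: str = SITE_HOST) -> bool:
    """True if `value` would send the browser to a host other than `site_host`.

    Compares the parsed hostname, so look-alike hosts, scheme-relative URLs,
    userinfo tricks and backslash variants are all caught, while a plain
    site-relative path such as "/wp-admin/" is allowed.
    """
    uri = _fully_decode(value).strip().replace("\\", "/")  # browsers treat \ as /
    if uri.startswith("/") and not uri.startswith("//"):
        return False  # relative path: stays on this origin
    try:
        parts = urlsplit(uri)
    except ValueError:
        return True  # unparsable (e.g. malformed IPv6 literal): treat as hostile
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return True  # javascript:, data:, ... are never valid OAuth targets
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        # "https:evil.example" (scheme, no authority) is read by browsers as a
        # host; a bare "callback.php" resolves relative to this site.
        return bool(parts.scheme)
    return host != site_host.lower()  # exact match only, no subdomain allowance


def find_suspicious(lines, site_host: str = SITE_HOST):
    """Return (ip, status, decoded redirect_uri) for each request that would
    redirect off-site. Only the request line is inspected, because the 302's
    Location header is not in the default log format."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        params = parse_qs(urlsplit(m["path"]).query, keep_blank_values=True)
        for uri in params.get("redirect_uri", []):
            if redirect_uri_is_external(uri, site_host):
                hits.append((m["ip"], m["status"], _fully_decode(uri)))
    return hits


if __name__ == "__main__":
    for ip, status, uri in find_suspicious(SAMPLE_LOG.splitlines()):
        print(f"{ip} {status} redirect_uri={uri}")
```

Run against the embedded sample, the script reports four of the six OAuth requests: the look-alike host, the scheme-relative value, the userinfo form and the double-encoded URL. The two legitimate ones (the site's own callback and the relative /wp-admin/ path) pass, which is exactly the distinction a substring query cannot draw. The same `redirect_uri_is_external` check is what a WAF rule or a patched handler should apply before issuing the redirect.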
