CVE-2025-0428
Published: 22 January 2025
Description
Adversaries may delete files left behind by the actions of their intrusion activity.
Security Summary
CVE-2025-0428 is a PHP Object Injection vulnerability (CWE-502) affecting the "AI Power: Complete AI Pack" WordPress plugin in versions up to and including 1.8.96. The issue arises from deserialization of untrusted input sourced from the $form['post_content'] variable within the wpaicg_export_prompts function, enabling attackers to inject a PHP Object. The vulnerability carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), reflecting high impact potential with network accessibility and low complexity, though requiring high privileges.
Authenticated attackers possessing administrative privileges on a vulnerable WordPress site can exploit this flaw to inject a PHP Object. While no Property-Oriented Programming (POP) chain exists within the affected plugin itself, the presence of a POP chain from another installed plugin or theme could escalate the impact, allowing arbitrary file deletion, sensitive data retrieval, or arbitrary code execution.
Mitigation details are outlined in advisories from Wordfence and the WordPress plugin trac repository. The trac changeset 3224162 documents a patch addressing the deserialization issue, and Wordfence provides threat intelligence on the vulnerability at their referenced URL. Security practitioners should update to a patched version of the plugin beyond 1.8.96 and review installed plugins/themes for potential POP chains.
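The pattern described above, as an added illustration that is not the plugin's own code: the function and field names are hypothetical stand-ins for wpaicg_export_prompts and $form['post_content'], the serialized string is a constructed sample, and the unsafe call is shown beside two hardened forms that remove the object-instantiation primitive.

```php
<?php
// Added example (not the project's code). Shows why unserialize() on
// attacker-controlled form data is an object-injection primitive and how a
// patched handler can refuse to instantiate objects at all.

// Constructed sample: what an administrator-controlled post_content field might
// carry. Everything in this string is chosen by the submitter.
$untrusted = 'O:8:"stdClass":1:{s:4:"name";s:8:"poisoned";}';

// Unsafe (the vulnerable pattern): any class loaded by WordPress, the theme or
// another plugin can be instantiated, and its __wakeup()/__destruct() run.
// That is the injection; a POP chain elsewhere turns it into file deletion,
// data disclosure or code execution. Hypothetical name, not the plugin's.
function import_prompts_unsafe(string $post_content): mixed {
    return unserialize($post_content);
}

// Hardened 1: keep the serialized format but forbid every class. Scalars and
// arrays still round-trip; any object in the payload becomes
// __PHP_Incomplete_Class and no magic method executes.
function import_prompts_hardened(string $post_content): mixed {
    $data = unserialize($post_content, ['allowed_classes' => false]);
    // unserialize() returns false both for the literal 'b:0;' and on error.
    if ($data === false && $post_content !== 'b:0;') {
        throw new InvalidArgumentException('malformed prompt export');
    }
    return $data;
}

// Hardened 2 (preferred for new code): a format with no object semantics.
// JSON_THROW_ON_ERROR makes malformed input fail loudly instead of yielding null.
function import_prompts_json(string $post_content): array {
    $data = json_decode($post_content, true, 512, JSON_THROW_ON_ERROR);
    if (!is_array($data)) {
        throw new InvalidArgumentException('prompt export must be a JSON array');
    }
    return $data;
}

// Check: the hardened path yields an inert placeholder, not a live object.
$obj = import_prompts_hardened($untrusted);
assert($obj instanceof __PHP_Incomplete_Class);

// The JSON path accepts only what the export format actually needs.
$prompts = import_prompts_json('[{"name":"summarise","prompt":"Summarise: {text}"}]');
assert(count($prompts) === 1 && $prompts[0]['name'] === 'summarise');
```

Run with `php -d zend.assertions=1 -d assert.exception=1 example.php`; the script exits silently when both checks hold.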
Details
- CWE(s)
Affected Products
AI Security Analysis
- AI Category: Other Platforms
- Risk Domain: Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025: None mapped
- MITRE ATLAS Techniques: None mapped
- Classification Reason: The vulnerability affects the 'AI Power: Complete AI Pack' WordPress plugin, which provides AI features such as prompt handling for content generation, so it is classified as an other AI platform/integration rather than a core framework, library, or specific AI domain.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
PHP Object Injection via deserialization facilitates retrieval of sensitive data from the local system (T1005), arbitrary code execution via PHP interpreter (T1059), and arbitrary file deletion (T1070.004) when chained with a POP chain from other plugins/themes.