Description
The AI Engine for WordPress: ChatGPT, GPT Content Generator plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1. This is due to insufficient validation of user-supplied file paths in the 'lqdai_update_post' AJAX endpoint and the use of file_get_contents() with user-controlled URLs without protocol restrictions in the insert_image() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Published: 2025-11-25
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary File Read
Action: Immediate Patch
AI Analysis

Impact

The vulnerable plugin allows authenticated users with Contributor or higher privileges to read arbitrary files on the server. This is achieved through inadequate validation of file paths in the AJAX endpoint and the unwarranted usage of file_get_contents() with unbounded URLs, exposing sensitive data such as configuration files or credentials.

Affected Systems

Liquid Themes’ AI Engine for WordPress: ChatGPT, GPT Content Generator plugin, versions up to and including 1.0.1, deployed on WordPress sites.

Risk and Exploitability

The flaw has a CVSS score of 6.5, indicating moderate severity, but the EPSS score is below 1% and it is not listed in the CISA KEV catalog, suggesting low exploitation likelihood. An attacker must be able to authenticate at Contributor level or higher, after which they can exploit the plugin to retrieve any file accessible to the web server.

Generated by OpenCVE AI on April 21, 2026 at 01:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the plugin to a version newer than 1.0.1, which contains the fix for arbitrary file read.
  • If an upgrade is not immediately possible, remove or restrict the lqdai_update_post AJAX endpoint, or hard‑code the allowed protocols for file_get_contents() to limit access to local files only.
  • Review user roles and remove Contributor permissions where unnecessary, ensuring only trusted users have access that could exploit the plugin.

Generated by OpenCVE AI on April 21, 2026 at 01:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 26 Nov 2025 11:15:00 +0000

Type Values Removed Values Added
First Time appeared Liquidthemes
Liquidthemes ai Engine For Wordpress
Wordpress
Wordpress wordpress
Vendors & Products Liquidthemes
Liquidthemes ai Engine For Wordpress
Wordpress
Wordpress wordpress

Tue, 25 Nov 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 25 Nov 2025 07:45:00 +0000

Type Values Removed Values Added
Description The AI Engine for WordPress: ChatGPT, GPT Content Generator plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1. This is due to insufficient validation of user-supplied file paths in the 'lqdai_update_post' AJAX endpoint and the use of file_get_contents() with user-controlled URLs without protocol restrictions in the insert_image() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Title AI Engine for WordPress: ChatGPT, GPT Content Generator <= 1.0.1 - Authenticated (Contributor+) Arbitrary File Read
Weaknesses CWE-73
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}

Subscriptions

Liquidthemes Ai Engine For Wordpress
Wordpress Wordpress
cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:15:18.083Z

Reserved: 2025-11-18T20:18:44.639Z

Link: CVE-2025-13380

cve-icon Vulnrichment

Updated: 2025-11-25T14:36:14.570Z

cve-icon NVD

Status : Deferred

Published: 2025-11-25T08:15:50.050

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-13380

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-21T01:30:24Z

Weaknesses