Atomic Edge analysis of CVE-2026-1400:
The AI Engine WordPress plugin version 3.3.2 and earlier contains an arbitrary file upload vulnerability. The vulnerability exists in the `rest_helpers_update_media_metadata` function within the REST API endpoint `/wp-json/ai-engine/v1/update_media_metadata`. Attackers with Editor-level permissions can rename previously uploaded image files to executable PHP extensions, achieving remote code execution.
Atomic Edge research identifies the root cause as missing file type validation in the `rest_helpers_update_media_metadata` function. The function accepts a `filename` parameter without verifying that the new filename maintains the original file’s safe extension. The vulnerable code path begins at line 1 in the diff for `/ai-engine/classes/rest_helpers.php`. The function processes POST requests containing `id` and `filename` parameters, then calls `wp_update_post` with the new filename without validating the extension change.
The exploitation method requires an authenticated attacker with Editor privileges. First, the attacker uploads a benign image file through legitimate WordPress media upload functionality. Next, the attacker sends a POST request to `/wp-json/ai-engine/v1/update_media_metadata` with the uploaded file’s attachment ID and a new filename parameter containing a `.php` extension. The plugin updates the attachment metadata, changing the stored filename while keeping the original file content intact. This creates an executable PHP file in the WordPress uploads directory.
The patch adds file extension validation in the `rest_helpers_update_media_metadata` function. The fix compares the original file's extension with the new filename's extension using `pathinfo()`. If the extensions differ, the function returns an error. The patch ensures an uploaded file cannot change its extension after the initial upload-time validation, preventing image-to-PHP conversion attacks.
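The following is an added illustration of the extension check described above, written for this analysis; it is not the AI Engine plugin's own code, and the function and parameter names are assumptions. In a real WordPress handler the stored path would come from `get_attached_file($id)`; here constructed sample paths stand in for it.

```php
<?php
// Illustrative re-implementation of the patch logic: compare the current file's
// extension with the requested filename's extension via pathinfo() and refuse
// any rename that changes it. Not the plugin's code; names are assumptions.

function validate_media_rename(string $current_path, string $new_filename): array {
    // Assumption beyond the described patch: a rename must stay a bare filename,
    // so a request carrying a directory component is refused outright.
    if ($new_filename !== basename($new_filename)) {
        return [false, 'filename must not contain path separators'];
    }

    // Normalise case so "photo.JPG" and "photo.jpg" are treated as the same type.
    $current_ext = strtolower(pathinfo($current_path, PATHINFO_EXTENSION));
    $new_ext     = strtolower(pathinfo($new_filename, PATHINFO_EXTENSION));

    if ($current_ext === '' || $new_ext === '') {
        return [false, 'both names must carry an extension'];
    }

    // Core check from the patch: the extension validated at upload time must survive.
    if ($current_ext !== $new_ext) {
        return [false, "extension change {$current_ext} -> {$new_ext} rejected"];
    }

    return [true, 'ok'];
}

// Constructed sample cases; the first element stands in for the attachment's stored file.
$cases = [
    ['/uploads/2026/01/photo.jpg', 'holiday.jpg'],  // allowed: same extension
    ['/uploads/2026/01/photo.jpg', 'photo.JPG'],    // allowed: case-normalised match
    ['/uploads/2026/01/photo.jpg', 'photo.png'],    // denied: different image type
    ['/uploads/2026/01/photo.jpg', 'photo.php'],    // denied: the CVE-2026-1400 case
    ['/uploads/2026/01/photo.jpg', '../photo.jpg'], // denied: contains a path separator
];

foreach ($cases as [$current, $requested]) {
    [$ok, $reason] = validate_media_rename($current, $requested);
    printf("%-12s -> %-14s %s (%s)\n", basename($current), $requested, $ok ? 'ALLOW' : 'DENY', $reason);
}
```

Comparing extensions alone only preserves the decision made at upload time; the upload path itself must still restrict which extensions are accepted in the first place.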
Successful exploitation leads to remote code execution on the WordPress server. Attackers can upload PHP web shells, execute arbitrary commands, and compromise the hosting environment. The vulnerability requires Editor-level access, limiting attack surface but providing significant impact within multi-user WordPress installations where Editors manage content.
