# Key Vulnerability Information

## Vulnerability Overview

- CVE ID: CVE-2025-13380
- Affected software: AI Engine for WordPress (ChatGPT, GPT Content Generator <= 1.0.1)
- Vulnerability type: Authenticated (Contributor+) Arbitrary File Read

## Vulnerability Details

1. File Insert Function
   - The AJAX action calls the function (line 315), which lacks capability checks.
   - This allows any authenticated user with post-editing capabilities to download arbitrary files via the protocol.
2. Arbitrary File Download in
   - The function (line 419) uses with user-controlled URLs.
   - There is no protocol validation, allowing arbitrary file downloads via the protocol.

## TL;DR

### Exploits

POC Script:
- Demonstrates a Contributor-level user downloading the site's file.
- Example usage:

### Manual Reproduction Steps

1. Log in to WordPress as a Contributor.
2. Create a new post draft.
3. Intercept the action request.
4. Modify the request to include a URL in the parameter.
5. Download files like .
6. Extract sensitive information (database credentials, API keys, security salts).

This summary highlights the key components of the vulnerability, including the affected software, the nature of the exploit, and the steps for manual reproduction.
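The two defects described under Vulnerability Details (an AJAX handler with no capability check, and a fetch routine that passes a user-controlled URL to a stream-wrapper-aware function with no protocol validation) are a common WordPress plugin pattern. The following is an added example, not code from the AI Engine plugin: a hypothetical AJAX action `example_insert_file` with a vulnerable handler shown beside a hardened one. The function names, the action name, the nonce name and the `url` POST parameter are all assumptions; the WordPress API calls (`check_ajax_referer`, `current_user_can`, `esc_url_raw`, `wp_parse_url`, `wp_safe_remote_get`) are real core functions.

```php
<?php
// Added example (hypothetical handler names; not the plugin's code).
// Assumed: the client POSTs a 'url' field to admin-ajax.php with
// action=example_insert_file and the contents are returned as JSON.

// VULNERABLE pattern, matching the summary: no nonce, no capability
// check, no scheme validation. file_get_contents() honours whatever
// PHP stream wrapper the caller puts in front of the path, so the
// "URL" can name a local file instead of a remote resource.
function example_insert_file_vulnerable() {
    $url      = isset( $_POST['url'] ) ? $_POST['url'] : '';
    $contents = file_get_contents( $url ); // user-controlled, any wrapper
    wp_send_json_success( array( 'contents' => $contents ) );
}
// Intentionally NOT registered; kept only for side-by-side comparison:
// add_action( 'wp_ajax_example_insert_file', 'example_insert_file_vulnerable' );

// HARDENED handler.
function example_insert_file_hardened() {
    // 1. CSRF protection: the request must carry a nonce minted for this action
    //    (check_ajax_referer() dies with HTTP 403 on failure).
    check_ajax_referer( 'example_insert_file', 'nonce' );

    // 2. Authorization: Contributors do not hold 'upload_files', so gating on
    //    that capability closes the Contributor+ path the summary describes.
    //    Pick the capability that actually matches the feature's privilege level.
    if ( ! current_user_can( 'upload_files' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    // 3. Input handling: esc_url_raw() with an explicit protocol allow-list
    //    returns '' for anything that is not http(s).
    $raw = isset( $_POST['url'] ) ? wp_unslash( $_POST['url'] ) : '';
    $url = esc_url_raw( $raw, array( 'http', 'https' ) );

    // 4. Scheme allow-list checked explicitly before any I/O, so a non-http(s)
    //    wrapper is rejected even if the sanitizer above is ever changed.
    $scheme = wp_parse_url( $url, PHP_URL_SCHEME );
    if ( '' === $url || ! in_array( $scheme, array( 'http', 'https' ), true ) ) {
        wp_send_json_error( array( 'message' => 'Only http(s) URLs are allowed.' ), 400 );
    }

    // 5. Fetch through the HTTP API instead of a stream wrapper. wp_safe_remote_get()
    //    sets reject_unsafe_urls, which runs wp_http_validate_url() and refuses
    //    non-http(s) schemes and (by default) private/loopback hosts, limiting SSRF.
    $response = wp_safe_remote_get( $url, array( 'timeout' => 10 ) );
    if ( is_wp_error( $response ) ) {
        wp_send_json_error( array( 'message' => $response->get_error_message() ), 502 );
    }

    wp_send_json_success( array( 'contents' => wp_remote_retrieve_body( $response ) ) );
}
add_action( 'wp_ajax_example_insert_file', 'example_insert_file_hardened' );
```

The ordering matters: the capability check runs before the URL is even parsed, so an under-privileged caller never reaches the fetch, and the scheme allow-list runs before any filesystem or network call, so a local-file wrapper is refused rather than relied on to fail later. When auditing a plugin for this class of bug, the two things to confirm for every `wp_ajax_*` hook are that a capability check precedes the sensitive work and that any URL the user supplies is constrained to `http`/`https` before it reaches a function that understands stream wrappers.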