Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Network-reachable shortcode, low complexity, requires a Contributor+ account (PR:L) and no user interaction, yielding full code execution and thus high C/I/A.
Primary rating from Vendor (Wordfence).
CVSS VectorVendor: Wordfence
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
The Code Engine plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 0.3.5 via the 'code-engine' shortcode. This is due to the plugin not restricting access to the code injecting functionality of the plugin. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server.
Articles & Coverage 1
AnalysisAI
Remote code execution in the Code Engine WordPress plugin (all versions ≤ 0.3.5) lets authenticated users with Contributor-level access or higher run arbitrary PHP/code on the server via the 'code-engine' shortcode, because the plugin fails to restrict access to its code-injection functionality. Reported by Wordfence, the flaw carries a CVSS 8.8 (high) rating; there is no public exploit identified at time of analysis, though the technique (abusing a shortcode that intentionally executes snippets) is straightforward for anyone with authoring rights. This turns the plugin's core 'run PHP snippets' feature into a privilege-escalation path from low-trust content contributors to full server code execution.
Technical ContextAI
Code Engine ('PHP Snippets, AI Functions & Automation for WordPress', vendor tigroumeow) is a WordPress plugin whose purpose is to execute PHP/code snippets, exposed to content through a '[code-engine]' shortcode. Shortcodes are parsed and rendered whenever a post/page containing them is saved or displayed, so any user who can insert a shortcode into content can reach the underlying execution routine. The root cause maps to CWE-77 (Improper Neutralization of Special Elements used in a Command / Command Injection): the plugin does not gate the code-executing shortcode behind an appropriate capability check, so the boundary between 'trusted admin who configures snippets' and 'untrusted contributor who writes posts' collapses. The affected CPE is cpe:2.3:a:tigroumeow:code_engine_-_php_snippets,_ai_functions_&_automation_for_wordpress. In WordPress, the Contributor role can create (but not publish) posts, and normally cannot run code - this vulnerability breaks that expectation.
RemediationAI
Upgrade the Code Engine plugin to the version released after 0.3.5 that adds the missing capability restriction (the fix corresponds to WordPress.org changeset https://plugins.trac.wordpress.org/changeset/3345666; because the reference is a repository changeset rather than a tagged release, the exact patched version number is not independently confirmed from the provided data - verify the current version on the plugin page before deploying). Review the Wordfence advisory (https://www.wordfence.com/threat-intel/vulnerabilities/id/1a5f970a-e6a0-4dc7-8e99-342a32f5fd49?source=cve) for details. If you cannot patch immediately, the most effective compensating control is to deactivate the Code Engine plugin, since its shortcode is the attack surface - this disables snippet/AI-automation features that rely on it. Failing that, restrict who can author content by removing Contributor and Author accounts from untrusted users and disabling open/self-service registration (trade-off: blocks legitimate community contributors), and audit existing posts and drafts for unexpected '[code-engine]' shortcodes. A WAF virtual patch from Wordfence can block exploitation attempts as an interim layer but should not replace upgrading.
Same weakness CWE-77 – Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-210455
GHSA-9q92-4hrq-vj96