HomeIntelligenceBrief
VULNERABILITY BRIEF🔴 Critical Vulnerability

AI‑Driven Pipeline Uncovers 300+ Critical Zero‑Day Vulnerabilities in WordPress Plugins at $20 Each

Researchers demonstrated an AI‑powered system that identified over 300 critical zero‑day flaws in WordPress plugins within 72 hours, at an average cost of $20 per vulnerability. The findings highlight a cheap, scalable path for attackers to weaponize the massive, often under‑secured plugin ecosystem, raising urgent third‑party risk concerns.

LiveThreat™ Intelligence · 📅 May 22, 2026· 📰 helpnetsecurity.com
🔴
Severity
Critical
VU
Type
Vulnerability
🎯
Confidence
High
🏢
Affected
4 sector(s)
Actions
4 recommended
📰
Source
helpnetsecurity.com

AI‑Driven Pipeline Uncovers 300+ Critical Zero‑Day Vulnerabilities in WordPress Plugins at $20 Each

What Happened — Researchers from TrendAI and CHT Security demonstrated an AI‑powered pipeline that combined static analysis, Docker provisioning, and Chrome DevTools verification to discover more than 300 critical zero‑day flaws across the WordPress plugin ecosystem in just 72 hours. Every finding was manually validated and responsibly disclosed.

Why It Matters for TPRM

  • The low $20 per vulnerability cost means motivated attackers can purchase or develop exploits at scale.
  • Over‑one‑million WordPress plugins are maintained by small teams or volunteers, creating a massive supply‑chain attack surface for any organization that relies on them.

Who Is Affected — CMS platforms, e‑commerce sites, SaaS providers, and any third‑party that embeds WordPress plugins (across virtually all industry sectors).

Recommended Actions — Conduct a comprehensive inventory of all WordPress plugins in use, prioritize remediation of those identified as high‑risk, enforce strict version‑control and patch‑management policies, and consider additional runtime protections (WAF, runtime application self‑protection).

Technical Notes — The pipeline leveraged AI‑driven static code analysis, automated Docker environments, and dynamic verification via Chrome DevTools MCP. Vulnerabilities included pre‑authentication RCE, SQL injection hidden behind PHPCS annotations, privilege escalation via hook abuse, SSRF, and a novel downgrade‑attack chain that rolled plugins back to vulnerable versions. Source: Help Net Security

📰 Original Source
https://www.helpnetsecurity.com/2026/05/22/ai-wordpress-plugin-vulnerabilities/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Every gap like this maps to a control you can evidence.

The Verisq AI Trust Operations platform maps incidents to your control framework and collects the evidence continuously — so your Trust Center shows proof, not promises, when a buyer or auditor asks.

Explore the Verisq AI Trust Operations platform →