Security Researcher: WordPress 7.0 Could Trigger Rush To Steal AI API Keys via @Sejournal, @Martinibuster


Search Engine Journal, May 22, 2026

Why It Matters

Compromised AI API keys can generate costly usage charges and enable large‑scale phishing, turning ordinary WordPress sites into high‑value assets for cybercriminals.

Key Takeaways

  • WordPress 7.0 bug reveals AI keys in browser autofill dropdown
  • AI API keys can be worth tens of thousands of dollars
  • Hackers may exploit exposed keys for phishing, malware, and bot networks
  • Fix requires tighter secret handling or major WordPress architecture overhaul

Pulse Analysis

The rapid adoption of AI plugins has put WordPress on the front line of generative-AI services such as OpenAI, Anthropic, and Google Gemini. Site owners paste API keys into plugin or theme settings to automate content creation, SEO, and customer support. Because these keys are billed per request, a single compromised credential can run up tens of thousands of dollars in usage fees charged to the site owner, which makes it worth more to an attacker than an ordinary login password. That economic incentive reshapes the threat landscape: attackers now have a concrete reason to hunt for any mismanaged secret inside a WordPress installation.

The specific weakness found in WordPress 7.0 is in the AI integration setup form, where the API key field is a plain text input rather than a masked one. Because the field is not masked, the browser's form-history autofill saves the typed key in plain text and later offers it in the suggestion dropdown to anyone who focuses the field, so the credential is exposed to anyone who can see the screen or use the same browser profile. In practice, an attacker could capture the key during a remote-desktop call, on a shared workstation, or through a screenshot taken by a malicious extension. Once obtained, the key can be used to run bot networks, craft convincing phishing messages, or write malware that draws on the model's language capabilities, amplifying the impact of a single leak.
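To make the mechanism concrete, the following is an added example (not WordPress core code, not any real plugin's code, and not from the article) that audits a settings form's HTML for secret fields a browser will treat as ordinary autofillable text. It places the weak pattern the article describes next to a hardened version. The field names (`ai_api_key`, `site_title`) and the sample forms are invented for illustration; the check also flags a stored key being echoed back into the page source, which goes slightly beyond the article's autofill point.

```javascript
// Added example, not WordPress core code or any real plugin's code: a
// lint-style audit of settings-form HTML for secret fields that a browser
// will treat as ordinary autofillable text. Field names are invented.

// Names that suggest the input carries a credential.
const SECRET_NAME_RE = /(api[_-]?key|secret|token|password)/i;

// Parse the attributes of one <input ...> tag into a plain object.
// Valueless boolean attributes (e.g. `required`) are ignored on purpose.
function parseAttrs(tag) {
  const attrs = {};
  const re = /([a-zA-Z_:-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/g;
  let m;
  while ((m = re.exec(tag)) !== null) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4] ?? '';
  }
  return attrs;
}

// Return one finding per secret-looking input that is rendered unmasked,
// left open to autofill, or pre-filled with the stored secret.
function auditSecretInputs(html) {
  const findings = [];
  for (const tag of html.match(/<input\b[^>]*>/gi) || []) {
    const a = parseAttrs(tag);
    const name = a.name || a.id || '';
    if (!SECRET_NAME_RE.test(name)) continue;
    const problems = [];
    if ((a.type || 'text').toLowerCase() !== 'password') {
      problems.push('unmasked: type is not "password"');
    }
    const ac = (a.autocomplete || '').toLowerCase();
    if (ac !== 'off' && ac !== 'new-password') {
      problems.push('autofill allowed: autocomplete is missing or on');
    }
    if (a.value) {
      problems.push('stored secret echoed back into the page source');
    }
    if (problems.length) findings.push({ name, problems });
  }
  return findings;
}

// Constructed form resembling the pattern the article describes: the key
// field is a plain text input, so the browser's form history keeps the value.
const WEAK_FORM = `
<form method="post">
  <input type="text" name="ai_api_key" value="sk-example-not-a-real-key">
  <input type="text" name="site_title" value="My Site">
</form>`;

// Hardened version: masked, excluded from suggestion lists, and the stored
// key is never written back into the page (the server only reports that a
// key is set and accepts a replacement).
const HARDENED_FORM = `
<form method="post">
  <input type="password" name="ai_api_key" autocomplete="new-password" value="" placeholder="key is set; enter a new one to replace it">
  <input type="text" name="site_title" value="My Site">
</form>`;

console.log(auditSecretInputs(WEAK_FORM));      // one finding with three problems
console.log(auditSecretInputs(HARDENED_FORM));  // []
```

Two caveats a practitioner should keep in mind: browsers do not reliably honour `autocomplete="off"` on their own, so `type="password"` does the real work of keeping the value out of the plain-text suggestion list (the browser may still offer to save it in its password manager, but masked and behind that manager's prompt); and any key that was ever typed into the unmasked field should be treated as exposed and rotated, since the browser's form history already holds it.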

Patching this one form field treats the symptom, not the cause. WordPress's plugin trust model was designed before sites began handling monetizable AI secrets, leaving a gap in secret management and permission granularity. Recommendations include moving API keys into environment variables, using a secret-vault service, and restricting plugin access through a more fine-grained capability system. Ultimately a deeper architectural change, potentially separating code execution from credential storage, may be needed to protect the next generation of AI-enhanced WordPress sites. Until such changes land, site owners must practice strict operational hygiene (rotate a key as soon as it may have been exposed, revoke keys that are no longer needed) and monitor AI usage for anomalous spikes.
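The monitoring advice above is easy to state and less obvious to implement. The following is an added example (not from the article, and not any provider's or plugin's code) that flags hours in which a key's token usage jumps far above its own recent baseline, the pattern a stolen, per-request-billed key produces. The hourly usage records are constructed for illustration; in practice they would come from the provider's usage or billing export.

```javascript
// Added example, not from the article: flag hours in which a site's AI API
// token usage jumps far above its own recent baseline, the kind of spike a
// stolen key produces. The usage records are constructed for illustration;
// a real feed would come from the provider's usage API or billing export.

// Hourly usage for one API key (constructed). The leaked key starts being
// abused at 07:00.
const USAGE = [
  { hour: '2026-05-20T00', requests: 38, tokens: 110000 },
  { hour: '2026-05-20T01', requests: 31, tokens: 95000 },
  { hour: '2026-05-20T02', requests: 44, tokens: 120000 },
  { hour: '2026-05-20T03', requests: 47, tokens: 130000 },
  { hour: '2026-05-20T04', requests: 36, tokens: 105000 },
  { hour: '2026-05-20T05', requests: 41, tokens: 115000 },
  { hour: '2026-05-20T06', requests: 45, tokens: 125000 },
  { hour: '2026-05-20T07', requests: 912, tokens: 2400000 },
  { hour: '2026-05-20T08', requests: 987, tokens: 2600000 },
];

function medianOf(xs) {
  const s = [...xs].sort((a, b) => a - b);
  const mid = s.length >> 1;
  return s.length % 2 ? s[mid] : (s[mid - 1] + s[mid]) / 2;
}

// Compare each hour against the median of the preceding `window` hours.
// The median (rather than the mean) keeps one abusive hour from inflating
// the baseline and masking the hours that follow it.
function findSpikes(records, { window = 6, factor = 5 } = {}) {
  const spikes = [];
  for (let i = window; i < records.length; i++) {
    const baseline = medianOf(records.slice(i - window, i).map((r) => r.tokens));
    if (baseline > 0 && records[i].tokens > factor * baseline) {
      spikes.push({
        hour: records[i].hour,
        tokens: records[i].tokens,
        baseline,
        ratio: Number((records[i].tokens / baseline).toFixed(1)),
      });
    }
  }
  return spikes;
}

console.log(findSpikes(USAGE)); // the 07:00 and 08:00 hours are flagged
```

A relative check like this catches the first hours of abuse, but once the window fills with abusive hours the median itself rises, so pair it with an absolute ceiling (a per-hour or per-day token budget the site should never exceed) and with whatever hard spend limit the provider lets you set on the key. When an alert fires, revoking and rotating the key is the first step; investigating which plugin or user stored it comes second.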

