CVE-2025-5071
AI Engine 2.8.0 - 2.8.3 - Authenticated (Subscriber+) Insufficient Authorization to Privilege Escalation via MCP
We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
AI Engine 2.8.0 - 2.8.3 - Authenticated (Subscriber+) Insufficient Authorization to Privilege Escalation via MCP
The AI Engine plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'Meow_MWAI_Labs_MCP::can_access_mcp' function in versions 2.8.0 to 2.8.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to have full access to the MCP and run various commands like 'wp_create_user', 'wp_update_user' and 'wp_update_option', which can be used for privilege escalation, and 'wp_update_post', 'wp_delete_post', 'wp_update_comment' and 'wp_delete_comment', which can be used to edit and delete posts and comments.
Reserved 2025-05-21 | Published 2025-06-19 | Updated 2025-06-19 | Assigner WordfenceCWE-863 Incorrect Authorization
| 2025-05-21: | Discovered |
| 2025-05-21: | Vendor Notified |
| 2025-06-18: | Disclosed |
István Márton
www.wordfence.com/...-0020-4bf1-86be-bdb238a9fe0d?source=cve
plugins.trac.wordpress.org/...engine/tags/2.8.1/labs/mcp.php
plugins.trac.wordpress.org/changeset/3313554/ai-engine
Support options
