vulnerability
WordPress Plugin: ai-engine: CVE-2025-11749: Exposure of Sensitive Information to an Unauthorized Actor
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Nov 4, 2025 | Nov 5, 2025 | Apr 30, 2026 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Nov 4, 2025
Added
Nov 5, 2025
Modified
Apr 30, 2026
Description
The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.3 via the /mcp/v1/ REST API endpoint that exposes the 'Bearer Token' value when 'No-Auth URL' is enabled. This makes it possible for unauthenticated attackers to extract the bearer token, which can be used to gain access to a valid session and perform many actions like creating a new administrator account, leading to privilege escalation.
Solution
ai-engine-plugin-cve-2025-11749
References
- https://www.cve.org/CVERecord?id=CVE-2025-11749
- https://www.wordfence.com/threat-intel/vulnerabilities/id/06eaf624-aedf-453d-8457-d03a572fac0d?source=api-prod
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-37802
- CVE-2025-11749
- https://attackerkb.com/topics/CVE-2025-11749
- CWE-200
- EUVD-EUVD-2025-37802
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.