CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2 days ago•4 views

CVE-2026-27407

Editor Privilege Escalation in AI Engine = 3.4.9 versions...

7.2CVSS0.00503EPSS

CVE•added 2 days ago•16 views

CVE-2026-27407

CVE-2026-27407 concerns the WordPress AI Engine plugin, affected versions

7.2CVSS5.2AI score0.00503EPSS

Patchstack•added 2026/05/28 8:57 a.m.•10 views

WordPress AI Engine plugin <= 3.4.9 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Phat RiO in WordPress Plugin AI Engine versions = 3.4.9...

7.2CVSS5.8AI score0.00503EPSS

Exploits0Affected Software1

RedhatCVE•added 2026/05/18 7:58 p.m.•7 views

CVE-2026-8719

The AI Engine – The Chatbot, AI Framework & MCP for WordPress plugin for WordPress is vulnerable to Privilege Escalation in version 3.4.9. This is due to missing WordPress capability enforcement in the MCP OAuth bearer-token authorization path, where any valid OAuth token causes MCP access to be...

Patchstack•added 2026/05/18 3:18 a.m.•10 views

WordPress AI Engine – The Chatbot, AI Framework & MCP for WordPress plugin 3.4.9-3.4.9 - Authenticated (Subscriber+) Privilege Escalation vulnerability

Authenticated Subscriber+ Privilege Escalation vulnerability discovered by daroo in WordPress Plugin AI Engine versions 3.4.9-3.4.9...

Exploits0References1Affected Software1

EUVD•added 2026/05/17 2:27 a.m.•17 views

EUVD-2026-30678

Positive Technologies•added 2026/05/17 12:0 a.m.•9 views

PT-2026-41513

Name of the Vulnerable Software and Affected Versions The AI Engine – The Chatbot, AI Framework & MCP for WordPress version 3.4.9 Description Missing WordPress capability enforcement in the MCP OAuth bearer-token authorization path allows authenticated users with Subscriber privileges or higher t...

CNNVD•added 2026/05/17 12:0 a.m.•8 views

Exploits0References5

WordPress plugin AI Engine 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

RedhatCVE•added 2026/04/13 7:24 p.m.•1 views

CVE-2026-39506

Missing Authorization vulnerability in Jordy Meow AI Engine Pro ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine Pro: from n/a through 3.4.2...

4.3CVSS5.8AI score0.00165EPSS

NVD•added 2026/04/08 9:16 a.m.•1 views

CVE-2026-39506

4.3CVSS0.00165EPSS

Cvelist•added 2026/04/08 8:30 a.m.•18 views

CVE-2026-39506 WordPress AI Engine (Pro) plugin < 3.4.2 - Broken Access Control vulnerability

4.3CVSS0.00165EPSS

Vulnrichment•added 2026/04/08 8:30 a.m.•0 views

CVE-2026-39506 WordPress AI Engine (Pro) plugin < 3.4.2 - Broken Access Control vulnerability

4.3CVSS5.8AI score0.00165EPSS

Positive Technologies•added 2026/04/08 12:0 a.m.•2 views

PT-2026-31135

5.9AI score0.00165EPSS

Exploits0References3

CNNVD•added 2026/04/08 12:0 a.m.•3 views

WordPress plugin AI Engine (Pro) 安全漏洞

4.3CVSS5.8AI score0.00165EPSS

Patchstack•added 2026/03/28 7:7 a.m.•2 views

WordPress AI Engine (Pro) plugin < 3.4.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin AI Engine Pro versions 3.4.2...

4.3CVSS5.9AI score0.00165EPSS

Exploits0Affected Software1

RedhatCVE•added 2026/03/06 7:55 a.m.•4 views

CVE-2026-23802

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine ai-engine allows Using Malicious Files.This issue affects AI Engine: from n/a through = 3.3.2...

9.1CVSS5.8AI score0.00465EPSS

EUVD•added 2026/03/05 6:30 a.m.•5 views

EUVD-2026-9598

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine ai-engine allows Using Malicious Files.This issue affects AI Engine: from n/a through = 3.3.2...

5.9AI score0.00465EPSS