Lucene search
K

5 matches found

Nuclei
Nuclei
added yesterday24 views

WordPress AI Engine Plugin - Token Exposure

Unauthenticated sensitive information exposure in AI Engine WordPress plugin = 3.1.3 exposes bearer tokens via REST API endpoints when No-Auth URL is enabled. id: CVE-2025-11749 info: name: WordPress AI Engine Plugin - Token Exposure author: 4m3rr0r severity: critical description: | Unauthenticat...

9.8CVSS7.2AI score0.75063EPSS
Exploits5References2
NVD
NVD
added 2025/11/05 6:15 a.m.14 views

CVE-2025-11749

The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.3 via the /mcp/v1/ REST API endpoint that exposes the 'Bearer Token' value when 'No-Auth URL' is enabled. This makes it possible for unauthenticated attackers to extract th...

9.8CVSS0.75063EPSS
Exploits5References3
CVE
CVE
added 2025/11/05 5:31 a.m.52 views

CVE-2025-11749

The WordPress AI Engine plugin (≤ 3.1.3) is vulnerable to unauthenticated sensitive information exposure via the REST API endpoints under /mcp/v1/ when No-Auth URL is enabled. This allows attackers to retrieve the Bearer Token, enabling session hijacking and actions such as creating an administra...

9.8CVSS6AI score0.75063EPSS
In wildExploits5References3
Cvelist
Cvelist
added 2025/11/05 5:31 a.m.18 views

CVE-2025-11749 AI Engine <= 3.1.3 - Unauthenticated Sensitive Information Exposure to Privilege Escalation

The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.3 via the /mcp/v1/ REST API endpoint that exposes the 'Bearer Token' value when 'No-Auth URL' is enabled. This makes it possible for unauthenticated attackers to extract th...

9.8CVSS0.75063EPSS
Exploits5References3
VulnCheck KEV
VulnCheck KEV
added 2025/11/05 12:0 a.m.15 views

VulnCheck KEV: CVE-2025-11749

The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.3 via the /mcp/v1/ REST API endpoint that exposes the 'Bearer Token' value when 'No-Auth URL' is enabled. This makes it possible for unauthenticated attackers to extract th...

9.8CVSS5.8AI score0.75063EPSS
In wildExploits5References3
Rows per page
Query Builder