The Wordfence Threat Intelligence team identified a severe security flaw in the AI Engine plugin, a widely used tool installed on over 100,000 WordPress websites. This vulnerability, classified as an Insufficient Authorization to Privilege Escalation via Model Context Protocol (MCP), has a CVSS score of 8.8 (High) and has been assigned the identifier CVE-2025-5071. Affecting […] The post Over 100,000 WordPress Sites Exposed to Privilege Escalation via MCP AI Engine appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/over-100000-wordpress-sites-exposed/
