A critical security vulnerability has emerged in the WordPress ecosystem, exposing over 100,000 websites to privilege escalation attacks through the AI Engine plugin’s Model Context Protocol (MCP) implementation. The vulnerability, designated CVE-2025-5071 with a high CVSS rating of 8.8, affects AI Engine plugin versions 2.8.0 through 2.8.3, allowing authenticated attackers with minimal subscriber-level access to […]
The post 100,000+ WordPress Sites Exposed to Privilege Escalation Attacks via MCP AI Engine appeared first on Cyber Security News.
This article has been indexed from Cyber Security News