On October 4th, 2025, we received a submission for a Sensitive Information Exposure vulnerability in AI Engine, a WordPress plugin with more than 100,000 active installations. This vulnerability can be exploited by unauthenticated attackers to extract the bearer token and then get full access to the MCP and execute various commands like ‘wp_update_user’, allowing them to escalate their privileges to administrators by updating their user role. Please note that this vulnerability only critically affects users who have enabled the ‘No-Auth URL’ in the MCP settings, which is disabled by default.
Props to Emiliano Versini who discovered and responsibly reported this
Click here to continue reading this article.