CVSS Vector (NVD)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Description (NVD)
The AI Engine plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'Meow_MWAI_Labs_MCP::can_access_mcp' function in versions 2.8.0 to 2.8.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to have full access to the MCP and run various commands like 'wp_create_user', 'wp_update_user' and 'wp_update_option', which can be used for privilege escalation, and 'wp_update_post', 'wp_delete_post', 'wp_update_comment' and 'wp_delete_comment', which can be used to edit and delete posts and comments.
Analysis (AI-generated)
The AI Engine WordPress plugin (versions 2.8.0-2.8.3) contains a missing capability check in the 'Meow_MWAI_Labs_MCP::can_access_mcp' function, allowing authenticated subscribers and above to access the Model Context Protocol (MCP) interface and execute arbitrary WordPress administrative commands. This enables privilege escalation, unauthorized user creation/modification, and data destruction through post and comment manipulation. The vulnerability has a CVSS score of 8.8 (High) and poses immediate risk to any WordPress installation running affected versions with user registration enabled.
Technical Context (AI-generated)
The vulnerability exists in the AI Engine plugin's MCP (Model Context Protocol) implementation, specifically in the capability verification layer. The 'can_access_mcp' function fails to enforce WordPress capability checks before allowing access to sensitive MCP commands. CWE-863 (Incorrect Authorization) indicates the root cause is improper validation of user permissions against the WordPress role-based access control (RBAC) system. The affected plugin integrates AI capabilities via MCP, which provides a command execution interface. Authenticated users at subscriber level and above can bypass authorization controls and invoke functions like 'wp_create_user', 'wp_update_user', 'wp_update_option', 'wp_update_post', 'wp_delete_post', 'wp_update_comment', and 'wp_delete_comment'—all of which normally require administrator privileges. The missing check violates the principle of least privilege and breaks WordPress's capability delegation model.
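The defect class described above, as an added illustration that is not the AI Engine plugin's code: an access gate that only confirms a session exists (the pattern the advisory describes) beside a hardened gate that requires an explicit WordPress capability per command and denies unknown commands by default. The class name, method names and the command-to-capability map are assumptions for this example; the capability names are standard WordPress capabilities.

```php
<?php
// Added example, not code from the AI Engine plugin. Example_MCP_Access and
// its methods are hypothetical; the command names are those in the advisory.

class Example_MCP_Access {

    // Which built-in WordPress capability each MCP command should demand.
    // Mapping each command to the capability WordPress itself uses for the
    // same action keeps the gate aligned with the site's role configuration.
    private $required_caps = array(
        'wp_create_user'    => 'create_users',
        'wp_update_user'    => 'edit_users',
        'wp_update_option'  => 'manage_options',
        'wp_update_post'    => 'edit_others_posts',
        'wp_delete_post'    => 'delete_others_posts',
        'wp_update_comment' => 'moderate_comments',
        'wp_delete_comment' => 'moderate_comments',
    );

    // Weak pattern matching the advisory: any logged-in user, including a
    // subscriber, satisfies this check because no capability is examined.
    public function can_access_mcp_weak() {
        return is_user_logged_in();
    }

    // Hardened gate: require the capability bound to the specific command,
    // and refuse commands with no mapping rather than falling through.
    public function can_access_mcp( $command ) {
        if ( ! is_user_logged_in() || ! isset( $this->required_caps[ $command ] ) ) {
            return false;
        }
        return current_user_can( $this->required_caps[ $command ] );
    }

    // Enforce the gate before dispatch and log refusals, so repeated denied
    // calls from low-privilege accounts are visible to defenders.
    public function dispatch( $command, array $args ) {
        if ( ! $this->can_access_mcp( $command ) ) {
            error_log( sprintf( 'MCP denied: user %d requested %s',
                get_current_user_id(), $command ) );
            return new WP_Error( 'mcp_forbidden', 'Insufficient capability.',
                array( 'status' => 403 ) );
        }
        // Route $command to its handler here.
        return true;
    }
}
```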
Remediation (AI-generated)
Immediate actions:
1. Update the AI Engine plugin to version 2.8.4 or later; this release adds the missing capability check in 'Meow_MWAI_Labs_MCP::can_access_mcp'.
2. If immediate patching is not possible, disable the AI Engine plugin entirely until the update can be applied.
3. For sites that cannot update quickly, restrict user registration to trusted accounts only and audit user roles to remove unnecessary subscriber-level accounts.
4. Monitor WordPress audit logs and MCP function execution logs for 'wp_create_user', 'wp_update_user', 'wp_update_option', 'wp_delete_post' and 'wp_delete_comment' calls originating from low-privilege users.
5. Implement Web Application Firewall (WAF) rules to block MCP requests from non-administrator sources.
6. Review and revoke any suspicious administrator accounts created after the plugin was installed.
Vendor patch location: consult the official Meow Apps plugin repository on WordPress.org; the patch was released in version 2.8.4.
EUVD-2025-28374