Don't Just Read the News, Understand It.
Get Started
SubscribeLogin
Israel-Hamas Conflict
Heatwaves
Social Media
Artificial Intelligence
Immigration
Donald Trump
Republican Party
European Union
World Cup
Immigration and Customs Enforcement
US Immigration
Music
Democratic Party
Published loading...Updated

100,000 WordPress Sites Affected by Privilege Escalation via MCP in AI Engine WordPress Plugin

Summary by IT Security News - Cybersecurity, Infosecurity News
On May 21st, 2025, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for an Insufficient Authorization to Privilege Escalation via MCP (Model Context Protocol) vulnerability in the AI Engine plugin, which is actively installed on more… Read more → The post 100,000 WordPress Sites Affected by Privilege Escalation via MCP in AI Engine WordPress Plugin appeared first on IT Security News.
DisclaimerThis story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.

5 Articles

All
Left
Center
Right
GBHackers On SecurityGBHackers On Security

Over 100,000 WordPress Sites Exposed to Privilege Escalation via MCP AI Engine

The Wordfence Threat Intelligence team identified a severe security flaw in the AI Engine plugin, a widely used tool installed on over 100,000 WordPress websites. This vulnerability, classified as an Insufficient Authorization to Privilege Escalation via Model Context Protocol (MCP), has a CVSS score of 8.8 (High) and has been assigned the identifier CVE-2025-5071. Affecting […] The post Over 100,000 WordPress Sites Exposed to Privilege Escalati…

Read Full Article
Hawkdive.comHawkdive.com

WordPress ends security updates for versions 4.1 to 4.6

Upcoming Changes to WordPress Security Updates: What You Need to Know In a significant update for WordPress users worldwide, the WordPress Security Team has announced that starting from July 2025, they will no longer offer security updates for versions 4.1 through 4.6. These particular versions were initially launched over nine years ago, and today, more […]

Read Full Article
HeiseHeise

WordPress: AI Engine Plug-in Breaks Security Gap in 100,000 Websites

The plug-in AI Engine is installed on more than 100,000 WordPress websites. A gap allows complete compromise.

·Germany
Read Full Article
IT Security News - cybersecurity, infosecurity newsIT Security News - cybersecurity, infosecurity news
Reposted by
Malware Analysis, News and IndicatorsMalware Analysis, News and Indicators

100,000 WordPress Sites Affected by Privilege Escalation via MCP in AI Engine WordPress Plugin

On May 21st, 2025, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for an Insufficient Authorization to Privilege Escalation via MCP (Model Context Protocol) vulnerability in the AI Engine plugin, which is actively installed on more… Read more → The post 100,000 WordPress Sites Affected by Privilege Escalation via MCP in AI Engine WordPress Plugin appeared first on IT Security News.

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • There is no tracked Bias information for the sources covering this story.
Factuality

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

IT Security News - cybersecurity, infosecurity news broke the news in on Wednesday, June 18, 2025.
Sources are mostly out of (0)

Similar News Topics

News
For You
SearchBlindspotLocal