{"vulnerability": "CVE-2025-5071", "sightings": [{"uuid": "960522d7-24ef-4e93-ab7d-81df36ad930b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-50716", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/60502", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aDisclosure for CVE-2025-50716 to CVE-2025-13543\nURL\uff1ahttps://github.com/MooseLoveti/PostGallery-CVE-Report\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-11-22T15:36:07.000000Z"}, {"uuid": "fe841ca5-303f-4587-9577-0b88514bc18b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-5071", "type": "seen", "source": "Telegram/_d8ZkJysqwJnD9MPnbT5H1cIllgS9IBzG0O1ThmGXMB9yJU", "content": "", "creation_timestamp": "2025-06-19T10:00:28.000000Z"}, {"uuid": "f044833d-74ad-4ce4-a400-78890fb1d1cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-50716", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/44314", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aDisclosure for CVE-2025-50716 to CVE-2025-50721\nURL\uff1ahttps://github.com/MooseLoveti/realestate-php-cve-report\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-07-17T05:19:03.000000Z"}, {"uuid": "48b23a07-dd67-48ae-98e4-e5e1478f6549", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-5071", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18844", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-5071\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The AI Engine plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'Meow_MWAI_Labs_MCP::can_access_mcp' function in versions 2.8.0 to 2.8.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to have full access to the MCP and run various commands like 'wp_create_user', 'wp_update_user' and 'wp_update_option', which can be used for privilege escalation, and 'wp_update_post', 'wp_delete_post', 'wp_update_comment' and 'wp_delete_comment', which can be used to edit and delete posts and comments.\n\ud83d\udccf Published: 2025-06-19T09:23:47.875Z\n\ud83d\udccf Modified: 2025-06-19T09:23:47.875Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/0e7654a1-0020-4bf1-86be-bdb238a9fe0d?source=cve\n2. https://plugins.trac.wordpress.org/browser/ai-engine/tags/2.8.1/labs/mcp.php#L43\n3. https://plugins.trac.wordpress.org/changeset/3313554/ai-engine#file21", "creation_timestamp": "2025-06-19T09:43:36.000000Z"}, {"uuid": "dc41cc12-c9e3-4b4e-95c5-a9e8312cc03f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-50716", "type": "published-proof-of-concept", "source": "Telegram/7jZsAyPbO79zokTMCWqK_a300rRL4Jcpz3nrbkvQl_9AGhI", "content": "", "creation_timestamp": "2025-07-17T09:00:05.000000Z"}, {"uuid": "043bf2a9-da7d-4793-92a3-1a1f045fce0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-5071", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lrwr2u6unv2o", "content": "", "creation_timestamp": "2025-06-19T05:09:56.677285Z"}, {"uuid": "f737dd53-4cba-4abc-851b-42a5665d0863", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-5071", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrxlslnpsh2v", "content": "", "creation_timestamp": "2025-06-19T13:08:30.356938Z"}]}