Severity by source
AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
PR:H for mandatory admin authentication; AC:H for the multisite-or-unfiltered_html-disabled constraint; S:C because injected scripts execute in other users' browsers.
Primary rating from Vendor (Wordfence).
CVSS VectorVendor: Wordfence
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
The MxChat - AI Chatbot & Content Generation for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.2.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
AnalysisAI
Stored Cross-Site Scripting in the MxChat AI Chatbot & Content Generation WordPress plugin (versions up to and including 3.2.10) enables authenticated administrators to persist malicious scripts through admin settings panels. Exploitation is constrained to WordPress multi-site environments or single-site installs where the unfiltered_html capability has been explicitly disabled, narrowing the realistic attack surface significantly. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires all of the following simultaneously: (1) the attacker must hold an authenticated WordPress account with administrator-level permissions or higher; (2) the WordPress installation must be either a multi-site network (where unfiltered_html is restricted by default for non-super-admins) or a single-site installation where unfiltered_html has been explicitly disabled for administrator-role users. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Real-world risk is low despite the network attack vector. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has obtained or holds WordPress administrator credentials navigates to the MxChat plugin's admin settings panel and injects a malicious JavaScript payload into one of the unsanitized settings fields (e.g., via the AJAX handlers in class-ajax-handler.php). The script is stored in the database and subsequently executes in the browser of any user - including other administrators or authenticated site members - who loads a page rendering the injected setting, enabling session token theft or unauthorized actions on their behalf. … |
| Remediation | Upstream fix available (WordPress plugin repository changeset at https://plugins.trac.wordpress.org/changeset?reponame=&old=3590075%40mxchat-basic&new=3590075%40mxchat-basic); a specific released patched version number is not confirmed in the available data - verify the current version in the WordPress plugin directory and update to any release beyond 3.2.10 once confirmed patched. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44854
GHSA-3hjj-97jw-2f47