Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Unauthenticated network injection via a publicly exposed nonce (PR:N/AC:L) with scope change into an admin browser (S:C) yields limited confidentiality/integrity impact typical of stored XSS.
Primary rating from Vendor (Wordfence).
CVSS VectorVendor: Wordfence
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
The WPBot - AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'conversation' parameter in all versions up to, and including, 8.4.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The AJAX nonce required to authenticate the save request is publicly emitted on every frontend page via wp_localize_script, making it freely obtainable by any anonymous visitor and removing any practical barrier to exploitation.
Articles & Coverage 1
AnalysisAI
Stored cross-site scripting in the WPBot AI ChatBot for WordPress (all versions through 8.4.9) lets unauthenticated attackers persist arbitrary JavaScript through the 'conversation' parameter, which later executes when the injected page is viewed - most notably by an administrator opening the chat-session reports in wp-admin. Because the AJAX nonce that guards the save endpoint is publicly emitted on every frontend page via wp_localize_script, any anonymous visitor can obtain it, so there is effectively no barrier to injection. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the WPBot plugin to be installed and active (through version 8.4.9) with its chat/save-conversation AJAX endpoint reachable - the default frontend chatbot deployment. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The supplied CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N, base 7.2) reflects a network-reachable, low-complexity, unauthenticated attack with a changed scope - consistent with stored XSS whose payload crosses the trust boundary from an anonymous submitter into a privileged admin session. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An anonymous visitor loads any frontend page, scrapes the publicly emitted wp_localize_script AJAX nonce, and submits a chatbot 'conversation' containing a malicious <script> payload to the save endpoint. The payload is stored and later executes in the browser of an administrator who opens the chat-session report, allowing session/cookie theft, admin-panel actions, or account takeover in the admin context. … |
| Remediation | Upstream fix available (changeset 3591600 in the WordPress plugin repository); a released patched version was not independently confirmed from the provided data, so update WPBot to the latest available release above 8.4.9 as published by QuantumCloud and confirm the version in wp-admin after upgrading. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all WordPress installations using WPBot through version 8.4.9; disable the plugin immediately or restrict chat report access to a limited trusted administrator group via role-based permissions. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Unauthorized deletion of chat session records in the WPBot WordPress plugin affects all versions through 8.5.6, allowing
Authorization bypass in the WPBot AI ChatBot plugin for WordPress (all versions ≤ 8.5.6) permits any subscriber-level au
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-40889
GHSA-x882-f7rv-28ch