Skip to main content

WPBot EUVDEUVD-2026-40889

| CVE-2026-13731 HIGH
Cross-site Scripting (XSS) (CWE-79)
2026-07-01 Wordfence GHSA-x882-f7rv-28ch
7.2
CVSS 3.1 · Vendor: Wordfence
Share

Severity by source

Vendor (Wordfence) PRIMARY
7.2 HIGH
AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
vuln.today AI
7.2 HIGH

Unauthenticated network injection via a publicly exposed nonce (PR:N/AC:L) with scope change into an admin browser (S:C) yields limited confidentiality/integrity impact typical of stored XSS.

3.1 AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Primary rating from Vendor (Wordfence).

CVSS VectorVendor: Wordfence

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

2
Analysis Generated
Jul 01, 2026 - 05:24 vuln.today
CVE Published
Jul 01, 2026 - 03:43 nvd
HIGH 7.2

DescriptionCVE.org

The WPBot - AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'conversation' parameter in all versions up to, and including, 8.4.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The AJAX nonce required to authenticate the save request is publicly emitted on every frontend page via wp_localize_script, making it freely obtainable by any anonymous visitor and removing any practical barrier to exploitation.

AnalysisAI

Stored cross-site scripting in the WPBot AI ChatBot for WordPress (all versions through 8.4.9) lets unauthenticated attackers persist arbitrary JavaScript through the 'conversation' parameter, which later executes when the injected page is viewed - most notably by an administrator opening the chat-session reports in wp-admin. Because the AJAX nonce that guards the save endpoint is publicly emitted on every frontend page via wp_localize_script, any anonymous visitor can obtain it, so there is effectively no barrier to injection. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Load frontend page, scrape public nonce
Delivery
Submit crafted 'conversation' with script payload
Exploit
Payload stored in chat session
Execution
Admin opens chat-session report
Persist
Script executes in admin browser
Impact
Session hijack or admin actions

Vulnerability AssessmentAI

Exploitation Exploitation requires the WPBot plugin to be installed and active (through version 8.4.9) with its chat/save-conversation AJAX endpoint reachable - the default frontend chatbot deployment. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The supplied CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N, base 7.2) reflects a network-reachable, low-complexity, unauthenticated attack with a changed scope - consistent with stored XSS whose payload crosses the trust boundary from an anonymous submitter into a privileged admin session. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An anonymous visitor loads any frontend page, scrapes the publicly emitted wp_localize_script AJAX nonce, and submits a chatbot 'conversation' containing a malicious <script> payload to the save endpoint. The payload is stored and later executes in the browser of an administrator who opens the chat-session report, allowing session/cookie theft, admin-panel actions, or account takeover in the admin context. …
Remediation Upstream fix available (changeset 3591600 in the WordPress plugin repository); a released patched version was not independently confirmed from the provided data, so update WPBot to the latest available release above 8.4.9 as published by QuantumCloud and confirm the version in wp-admin after upgrading. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all WordPress installations using WPBot through version 8.4.9; disable the plugin immediately or restrict chat report access to a limited trusted administrator group via role-based permissions. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-40889 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy