Skip to main content

Mxchat Ai Chatbot Content Generation For Wordpress

1 CVEs product

Monthly

CVE-2026-13005 MEDIUM This Month

Stored Cross-Site Scripting in the MxChat AI Chatbot & Content Generation WordPress plugin (versions up to and including 3.2.10) enables authenticated administrators to persist malicious scripts through admin settings panels. Exploitation is constrained to WordPress multi-site environments or single-site installs where the unfiltered_html capability has been explicitly disabled, narrowing the realistic attack surface significantly. No public exploit code or active exploitation (CISA KEV) has been identified; CVSS 4.4 Medium reflects the restricted conditions and high privilege requirement.

WordPress XSS Mxchat Ai Chatbot Content Generation For Wordpress
NVD VulDB
CVSS 3.1
4.4
EPSS
0.2%
EPSS 0% CVSS 4.4
MEDIUM This Month

Stored Cross-Site Scripting in the MxChat AI Chatbot & Content Generation WordPress plugin (versions up to and including 3.2.10) enables authenticated administrators to persist malicious scripts through admin settings panels. Exploitation is constrained to WordPress multi-site environments or single-site installs where the unfiltered_html capability has been explicitly disabled, narrowing the realistic attack surface significantly. No public exploit code or active exploitation (CISA KEV) has been identified; CVSS 4.4 Medium reflects the restricted conditions and high privilege requirement.

WordPress XSS Mxchat Ai Chatbot Content Generation For Wordpress
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy