CVE-2025-13887
Stored XSS in AI BotKit WordPress Plugin Allows Script Injection
Publication date: 2026-01-07
Last updated on: 2026-04-08
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| unknown_vendor | ai_botkit | to 1.1.7 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Stored Cross-Site Scripting (XSS) issue in the AI BotKit WordPress plugin (up to version 1.1.7). It occurs via the 'id' parameter in the 'ai_botkit_widget' shortcode due to insufficient input sanitization and output escaping. Authenticated users with Contributor-level access or higher can inject malicious scripts into pages, which then execute whenever any user views those pages.
How can this vulnerability impact me? :
The vulnerability allows attackers with Contributor-level access or higher to inject arbitrary web scripts into WordPress pages using the vulnerable shortcode. This can lead to malicious script execution in the context of users visiting those pages, potentially resulting in session hijacking, defacement, or other malicious actions impacting site users and administrators.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by scanning WordPress sites for the presence of the AI BotKit plugin version 1.1.7 or earlier. Specifically, look for pages containing the shortcode [ai_botkit_widget] with an 'id' parameter that may be exploited. Since the vulnerability involves stored cross-site scripting via the 'id' parameter, you can search the WordPress database for posts or pages containing this shortcode with suspicious or script-injected 'id' values. Commands to detect this might include using WP-CLI to search post content, for example: wp db query "SELECT ID, post_title FROM wp_posts WHERE post_content LIKE '%[ai_botkit_widget id=%'". Additionally, monitoring HTTP traffic for unusual script injections or alerts from web application firewalls when accessing pages with this shortcode can help detect exploitation attempts.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the AI BotKit plugin to version 1.1.8 or later, where the 'id' parameter in the ai_botkit_widget shortcode is properly sanitized using sanitize_text_field(), preventing script injection. If updating is not immediately possible, restrict Contributor-level and above users from adding or editing content with this shortcode until a patch is applied. Additionally, implement web application firewall (WAF) rules to block suspicious script payloads in the 'id' parameter and monitor for any signs of exploitation. [2, 3]