{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-13887", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-12-02T14:44:09.201Z", "datePublished": "2026-01-07T09:20:55.910Z", "dateUpdated": "2026-04-08T16:53:39.764Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:53:39.764Z"}, "affected": [{"vendor": "wisdmlabs", "product": "AI ChatBot for WordPress by AI BotKit \u2013 Live in 2 Minutes, No Code", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.1.7", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The AI BotKit \u2013 AI Chatbot & Live Support for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in the `ai_botkit_widget` shortcode in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "title": "AI BotKit <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5659af1d-f248-46ff-b282-ef5397222d8d?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/ai-botkit-for-lead-generation/trunk/includes/public/class-shortcode-handler.php#L42"}, {"url": "https://plugins.trac.wordpress.org/browser/ai-botkit-for-lead-generation/tags/1.1.7/includes/public/class-shortcode-handler.php#L42"}, {"url": "https://plugins.trac.wordpress.org/changeset/3433410/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Youcef Hamdani"}], "timeline": [{"time": "2026-01-06T20:31:21.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-07T15:01:52.854376Z", "id": "CVE-2025-13887", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-07T15:03:11.981Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-13887", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-07T15:01:52.854376Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-07T15:03:00.969Z"}}], "cna": {"title": "AI BotKit <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes", "credits": [{"lang": "en", "type": "finder", "value": "Youcef Hamdani"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "wisdmlabs", "product": "AI BotKit \u2013 AI Chatbot & Live Support for WordPress (No-Code)", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.1.7"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-01-06T20:31:21.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5659af1d-f248-46ff-b282-ef5397222d8d?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/ai-botkit-for-lead-generation/trunk/includes/public/class-shortcode-handler.php#L42"}, {"url": "https://plugins.trac.wordpress.org/browser/ai-botkit-for-lead-generation/tags/1.1.7/includes/public/class-shortcode-handler.php#L42"}], "descriptions": [{"lang": "en", "value": "The AI BotKit \u2013 AI Chatbot & Live Support for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in the `ai_botkit_widget` shortcode in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-01-07T09:20:55.910Z"}}}, "cveMetadata": {"cveId": "CVE-2025-13887", "state": "PUBLISHED", "dateUpdated": "2026-01-07T15:03:11.981Z", "dateReserved": "2025-12-02T14:44:09.201Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-01-07T09:20:55.910Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The AI BotKit \u2013 AI Chatbot & Live Support for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in the `ai_botkit_widget` shortcode in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}, {"lang": "es", "value": "El plugin de WordPress AI BotKit \u2013 AI Chatbot &amp; Live Support for WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s del par\u00e1metro 'id' en el shortcode `ai_botkit_widget` en todas las versiones hasta la 1.1.7, inclusive, debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de nivel Colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."}], "id": "CVE-2025-13887", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-01-07T12:16:50.737", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/ai-botkit-for-lead-generation/tags/1.1.7/includes/public/class-shortcode-handler.php#L42"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/ai-botkit-for-lead-generation/trunk/includes/public/class-shortcode-handler.php#L42"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3433410/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5659af1d-f248-46ff-b282-ef5397222d8d?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T00:04:02.894465+00:00", "value": {"mitigation_remediation": ["Upgrade AI BotKit to the latest available version", "If an upgrade is not possible, remove or disable the ai_botkit_widget shortcode for users with contributor or higher privileges", "As a temporary measure, sanitize the id attribute by stripping or escaping JavaScript content before it is stored"], "summary": {"action": "Immediate Patch", "impact": "Stored Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "The flaw exists in all released versions of the AI BotKit WordPress plugin up to and including 1.1.7. Plugins distributed by wisdmlabs are affected. Any WordPress site that has installed this plugin and has contributors or higher can be impacted.", "description_and_impact": "The vulnerability in AI BotKit allows contributors or higher to store malicious scripts in the \u2018id\u2019 attribute of the ai_botkit_widget shortcode. This is a classic stored cross\u2011site scripting flaw (CWE\u201179) that causes code injected by an authenticated user to run in the browsers of any visitor to pages that include the shortcode. Such execution can lead to credential theft, session hijacking, defacement, or further exploitation of the victim\u2019s environment.", "risk_and_exploitability": "The CVSS score of 6.4 places the issue in the moderate range. The EPSS score is below 1\u202f%, indicating a low probability of exploitation at this moment, and the vulnerability is not listed in CISA\u2019s KEV catalog. The likely attack vector requires an authenticated user with a contributor role to insert or edit a shortcode that contains a malicious id value. Once the payload is stored, any user who views a page containing the shortcode will have the script executed in their browser."}}}}, "created": "2026-01-08T09:49:39.992902+00:00", "updated": "2026-04-22T00:15:03.766102+00:00", "vendors": ["wisdmlabs", "wisdmlabs$PRODUCT$ai_botkit", "wordpress", "wordpress$PRODUCT$wordpress"]}