CVE-2025-13401: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in optimizingmatters Autoptimize
The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LCP Image to preload metabox in all versions up to, and including, 3.1.13 due to insufficient input sanitization and output escaping on user-supplied image attributes in the "create_img_preload_tag" function. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
AI Analysis
Technical Summary
CVE-2025-13401 is a stored cross-site scripting vulnerability in Autoptimize, a widely used WordPress performance plugin. The flaw is in the create_img_preload_tag function, which turns the image configured in the per-post "LCP Image to preload" metabox (LCP: Largest Contentful Paint) into a preload link tag in the page head. The image attributes supplied through that metabox are neither sanitized on input nor escaped on output, so any user who can edit a post, which includes the Contributor role, can store a value that breaks out of the attribute context and injects script. The value is persisted with the post, so the script runs in the browser of everyone who later renders that page, including the editor or administrator who previews or publishes the contributor's draft. All versions up to and including 3.1.13 are affected. The CVSS 3.1 base score is 6.4 (medium), consistent with the vector AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N: network-reachable, low complexity, low privileges required, no user interaction, limited confidentiality and integrity impact, no availability impact. Scope is Changed because the injected script executes in the victim's browser under the site origin rather than inside the vulnerable plugin component. No in-the-wild exploitation had been reported at the time of analysis, but the install base of WordPress and Autoptimize makes the weakness attractive. It is classified as CWE-79, improper neutralization of input during web page generation.
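The pattern the advisory describes, shown as an added example rather than Autoptimize's own code: a builder that assembles a preload link tag from a user-controlled image URL, first with the vulnerable concatenation and then with input validation plus attribute escaping. The function names, the input shape and the contributor payload are assumptions for illustration; the real create_img_preload_tag() is not reproduced here. In WordPress the hardened version would use esc_url() for the URLs and esc_attr() for the other attribute values; plain PHP equivalents are used so the file runs from the command line.

```php
<?php
// Added example, not Autoptimize's code. Illustrates the advisory's two failure modes
// (no input sanitization, no output escaping) against a hardened variant.
// Run with: php preload_tag.php
declare(strict_types=1);

/** Vulnerable pattern: whatever was typed into the LCP image field lands verbatim inside href="...". */
function build_img_preload_tag_vulnerable(string $src, string $srcset = '', string $sizes = ''): string
{
    $tag = '<link rel="preload" as="image" href="' . $src . '"';
    if ($srcset !== '') {
        $tag .= ' imagesrcset="' . $srcset . '"';
    }
    if ($sizes !== '') {
        $tag .= ' imagesizes="' . $sizes . '"';
    }
    return $tag . '>';
}

/** Accept only an absolute http(s) URL containing no character that can terminate an attribute. */
function sanitize_image_url(string $url): ?string
{
    $url   = trim($url);
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return null;
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return null; // rejects javascript:, data:, vbscript: and similar
    }
    if (preg_match('/[\s"\'<>`]/', $url)) {
        return null; // quotes, angle brackets and whitespace never belong in a URL
    }
    return $url;
}

/** Escape one value for a double-quoted HTML attribute context (esc_attr() in WordPress). */
function attr(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

/** Hardened: validate first, escape on output, and emit nothing rather than a dubious tag. */
function build_img_preload_tag_hardened(string $src, string $srcset = '', string $sizes = ''): ?string
{
    $src = sanitize_image_url($src);
    if ($src === null) {
        return null;
    }

    // srcset is "url [descriptor], url [descriptor], ..."; validate every candidate separately.
    $candidates = [];
    foreach (array_filter(array_map('trim', explode(',', $srcset))) as $candidate) {
        [$url, $descriptor] = array_pad(preg_split('/\s+/', $candidate, 2), 2, '');
        $url = sanitize_image_url($url);
        if ($url === null || ($descriptor !== '' && !preg_match('/^\d+(\.\d+)?[wx]$/', $descriptor))) {
            return null; // one bad candidate poisons the whole attribute
        }
        $candidates[] = trim($url . ' ' . $descriptor);
    }

    // sizes is a list of media conditions and lengths; only the safe character set is accepted.
    if ($sizes !== '' && !preg_match('/^[\w\s(),.:%-]+$/', $sizes)) {
        return null;
    }

    $tag = '<link rel="preload" as="image" href="' . attr($src) . '"';
    if ($candidates) {
        $tag .= ' imagesrcset="' . attr(implode(', ', $candidates)) . '"';
    }
    if ($sizes !== '') {
        $tag .= ' imagesizes="' . attr($sizes) . '"';
    }
    return $tag . '>';
}

// Constructed contributor input: a "URL" that closes href and smuggles in an event handler.
$payload = 'https://example.org/hero.jpg" onload="alert(document.cookie)';
$benign  = 'https://example.org/hero.jpg';

echo 'vulnerable:         ', build_img_preload_tag_vulnerable($payload), PHP_EOL;
echo 'hardened (payload): ', var_export(build_img_preload_tag_hardened($payload), true), PHP_EOL;
echo 'hardened (benign):  ',
    build_img_preload_tag_hardened($benign, "$benign 1x, https://example.org/hero@2x.jpg 2x", '100vw'),
    PHP_EOL;
```

The first line of output carries the injected onload attribute inside an otherwise well-formed link tag; the hardened builder returns NULL for the same input because the quote and whitespace fail URL validation, and even a value that slipped past validation would be neutralized by attr() before it reached the markup. The benign call shows that legitimate srcset and sizes values survive the checks.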
Potential Impact
The direct impact is stored cross-site scripting: partial loss of confidentiality and integrity for every user who renders the injected page, with no direct effect on availability. Script running under the site origin can read and alter page content and send requests that carry the victim's cookies and nonces, so it can act as the victim. WordPress marks its authentication cookies HttpOnly, which usually blocks outright session-cookie theft, but a payload that runs while an administrator is logged in does not need the cookie: in that session it can create users, change options or install plugins through admin-ajax or the REST API. Exploitation requires Contributor-level access, so the attacker is an insider, a compromised low-privilege account, or someone on a site that issues contributor accounts freely (multi-author blogs, guest posting, user-generated content); administrator rights are not needed, and escalation to administrator is the realistic end state. The Changed scope reflects that the damage lands on the users and browsers interacting with the page rather than on the plugin itself. Given the install base of WordPress and Autoptimize across e-commerce, publishing and corporate sites, a large number of sites are exposed, with defacement and loss of user trust as secondary consequences.
Mitigation Recommendations
Update Autoptimize to a release newer than 3.1.13, the last affected version according to the advisory; the plugin update is the only complete fix. Where it cannot be applied immediately: restrict the Contributor role to trusted accounts and review the contributor accounts that already exist; hide Autoptimize's per-post metabox (the plugin exposes an autoptimize_filter_show_metabox filter for this, but verify the filter name against your installed version) or otherwise disable the LCP image preload feature so the vulnerable field cannot be set; and place WAF rules in front of the post-editing endpoints that reject LCP image values containing quotes, angle brackets or event-handler names, accepting that a WAF narrows the payload space rather than closing the flaw. For sites that were exposed, audit the stored LCP preload values of posts authored by non-administrators and inspect the head of rendered pages for preload link tags with unexpected attributes or non-http(s) URLs; a value that is not a plain image URL is an indicator of tampering, not a misconfiguration. Review which roles actually need post-editing capabilities and remove contributor access that is no longer used. Finally, watch for edits to the LCP field by accounts that have no reason to set it, using an activity-log plugin or database audit, and treat any such edit as an incident rather than noise.
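For the audit step above, an added example that is not the advisory's or the plugin's code: an offline check over saved page sources that reports image preload tags a per-post image field should never be able to produce. The attribute allowlist, the function names and the sample page are assumptions; feed it pages fetched with curl or captured on a staging copy of the site.

```php
<?php
// Added example, not Autoptimize's code. Scans rendered HTML for image preload tags
// with unexpected attributes or non-image URLs, then lists inline scripts in <head>.
// Run with: php audit_preloads.php   (or adapt the loop to read page.html files)
declare(strict_types=1);

/** Parse the attributes of one start tag into name => value (names lower-cased). */
function parse_attributes(string $tag): array
{
    $body = preg_replace('/^<\w+|\/?>$/', '', $tag);
    preg_match_all(
        '/([^\s=\/"\'<>]+)(?:\s*=\s*(?:"([^"]*)"|\'([^\']*)\'|([^\s"\'>]+)))?/',
        $body, $sets, PREG_SET_ORDER | PREG_UNMATCHED_AS_NULL
    );
    $attrs = [];
    foreach ($sets as $s) {
        $attrs[strtolower($s[1])] = $s[2] ?? $s[3] ?? $s[4] ?? '';
    }
    return $attrs;
}

/** True only for the URL shapes a preloaded image should have: http(s) absolute or root-relative. */
function is_plain_image_url(string $url): bool
{
    $url = trim($url);
    if ($url === '' || preg_match('/[\s"\'<>`]/', $url)) {
        return false;
    }
    if ($url[0] === '/' && ($url[1] ?? '') !== '/') {
        return true;                                   // e.g. /wp-content/uploads/hero.jpg
    }
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    return in_array($scheme, ['http', 'https'], true); // rejects javascript:, data:, vbscript:
}

/** Return human-readable findings for every suspicious image preload in $html. */
function audit_image_preloads(string $html): array
{
    $allowed  = ['rel', 'as', 'href', 'imagesrcset', 'imagesizes', 'fetchpriority', 'crossorigin', 'media', 'type'];
    $findings = [];

    preg_match_all('/<link\b[^>]*>/i', $html, $m);
    foreach ($m[0] as $tag) {
        $a = parse_attributes($tag);
        if (strtolower($a['rel'] ?? '') !== 'preload' || strtolower($a['as'] ?? '') !== 'image') {
            continue;
        }
        foreach (array_diff(array_keys($a), $allowed) as $name) {
            $findings[] = "unexpected attribute '{$name}' in {$tag}";   // onload=, onerror=, ...
        }
        if (!is_plain_image_url($a['href'] ?? '')) {
            $findings[] = "href is not a plain image URL in {$tag}";
        }
        foreach (array_filter(array_map('trim', explode(',', $a['imagesrcset'] ?? ''))) as $cand) {
            if (!is_plain_image_url(preg_split('/\s+/', $cand)[0])) {
                $findings[] = "imagesrcset candidate '{$cand}' is not a plain image URL in {$tag}";
            }
        }
    }

    // A payload that closes the tag early ("...jpg"><script>) is no longer inside the <link>,
    // so inline scripts in <head> are listed too. This is noisy on sites with analytics
    // snippets: compare against a known-good render instead of treating every hit as an injection.
    if (preg_match('/<head\b[^>]*>(.*?)<\/head>/is', $html, $head)) {
        preg_match_all('/<script\b(?![^>]*\bsrc=)[^>]*>(.*?)<\/script>/is', $head[1], $scripts);
        foreach ($scripts[1] as $body) {
            $findings[] = 'inline script in <head> (review): ' . substr(trim($body), 0, 60);
        }
    }
    return $findings;
}

// Constructed sample page: one clean preload, an event-handler injection, a javascript: URL,
// a tag breakout followed by a script, and an unrelated stylesheet link that must be ignored.
$sample = <<<'HTML'
<html><head>
<link rel="preload" as="image" href="https://example.org/hero.jpg" imagesrcset="https://example.org/hero.jpg 1x, https://example.org/hero@2x.jpg 2x" fetchpriority="high">
<link rel="preload" as="image" href="https://example.org/hero.jpg" onload="alert(document.cookie)">
<link rel="preload" as="image" href="javascript:alert(1)">
<link rel="preload" as="image" href="https://example.org/x.jpg"><script>alert(document.domain)</script>
<link rel="stylesheet" href="/wp-content/themes/x/style.css">
</head><body></body></html>
HTML;

foreach (audit_image_preloads($sample) as $finding) {
    echo $finding, PHP_EOL;
}
```

Against the sample the scan reports the onload attribute, the javascript: href and the inline script; the clean preload and the stylesheet link produce nothing. The allowlist is deliberately short: any attribute name the plugin would never emit on a preload link is worth a look, whatever its value.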
Affected Countries
United States, Germany, United Kingdom, India, Canada, Australia, France, Brazil, Japan, Netherlands, Italy, Spain
Technical Details
- Data Version: 5.2
- Assigner Short Name: Wordfence
- Date Reserved: 2025-11-19T10:38:07.284Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 6930444551392e1c8b19b543
Added to database: 12/3/2025, 2:08:05 PM
Last enriched: 2/27/2026, 9:50:07 AM
Last updated: 3/24/2026, 10:26:21 AM
Views: 115