CVE-2025-13887 is a stored Cross-Site Scripting (XSS) vulnerability identified in the AI BotKit – AI Chatbot & Live Support for WordPress plugin, which is widely used to add AI chatbot and live support functionalities to WordPress sites without coding. The vulnerability arises from improper neutralization of input during web page generation, specifically through the 'id' parameter in the ai_botkit_widget shortcode. All plugin versions up to and including 1.1.7 fail to sufficiently sanitize and escape this parameter, allowing authenticated users with Contributor-level access or higher to inject arbitrary JavaScript code into pages. Because this is a stored XSS, the malicious script persists in the website content and executes in the browsers of any users who visit the affected pages, potentially compromising user sessions, stealing cookies, or performing unauthorized actions on behalf of users. The CVSS 3.1 base score is 6.4, reflecting medium severity, with attack vector being network, low attack complexity, requiring privileges (Contributor or higher), no user interaction, and a scope change due to affecting other users. No public exploits are known currently, but the vulnerability poses a significant risk especially for sites with multiple contributors or editors. The vulnerability is categorized under CWE-79, which is a common and impactful web application security weakness. The lack of a patch link suggests that a fix may not yet be publicly available, emphasizing the need for interim mitigations.

For European organizations, the impact of this vulnerability can be significant, especially for those relying on WordPress sites with multiple content contributors or editors. Exploitation could lead to session hijacking, unauthorized actions performed in the context of other users, defacement, or data leakage. This can damage organizational reputation, lead to regulatory non-compliance (e.g., GDPR breaches if personal data is exposed), and cause operational disruptions. Since the vulnerability requires authenticated access at Contributor level or above, organizations with lax user permission management or large editorial teams are at higher risk. Attackers could leverage this vulnerability to escalate privileges or move laterally within the web application environment. The stored nature of the XSS means that once injected, the malicious code affects all visitors to the compromised pages, increasing the potential scope of impact. Given the widespread use of WordPress in Europe, especially among SMEs and public sector entities, the threat is relevant and warrants prompt attention.

1. Monitor the vendor’s official channels for a security patch and apply it immediately once available. 2. Until a patch is released, restrict Contributor-level permissions to trusted users only and review existing user roles to minimize exposure. 3. Implement Web Application Firewall (WAF) rules to detect and block suspicious payloads targeting the 'id' parameter in the ai_botkit_widget shortcode. 4. Employ Content Security Policy (CSP) headers to limit the execution of unauthorized scripts on affected pages. 5. Conduct regular security audits and code reviews of custom shortcodes or plugins to identify similar input sanitization issues. 6. Educate content contributors about the risks of injecting untrusted content and enforce strict input validation policies. 7. Consider temporarily disabling or removing the AI BotKit plugin if the risk is deemed unacceptable and no patch is available. 8. Use security plugins that provide XSS protection and monitor logs for unusual activity related to shortcode usage.