CVE-2026-0813 is a stored cross-site scripting vulnerability classified under CWE-79, found in the prasannasp Short Link plugin for WordPress. The vulnerability arises from improper input sanitization and output escaping of the 'short_link_post_title' and 'short_link_page_title' parameters. Authenticated attackers with administrator-level access or higher can exploit this flaw by injecting arbitrary JavaScript code into these parameters, which is then stored and rendered on pages viewed by other users. This persistent XSS can lead to session hijacking, privilege escalation, or unauthorized actions performed in the context of the victim's browser session. The vulnerability affects all versions up to and including 1.0 of the plugin. Exploitation requires network access, high authentication privileges, and no user interaction, limiting the attack vector primarily to insiders or compromised admin accounts. The CVSS 3.1 base score is 4.4, reflecting a medium severity due to the limited attack surface and impact primarily on confidentiality and integrity, with no direct availability impact. No patches or known exploits have been reported at the time of publication, but the vulnerability is publicly disclosed and should be addressed promptly to prevent potential abuse.

For European organizations, this vulnerability poses a moderate risk primarily to websites using the prasannasp Short Link plugin on WordPress, especially those with multiple administrators or contributors. Exploitation could lead to unauthorized script execution, enabling attackers to steal session cookies, perform actions on behalf of legitimate users, or inject malicious content that could damage reputation or lead to data leakage. Although the attack requires administrator-level access, insider threats or compromised admin credentials could facilitate exploitation. The impact on confidentiality and integrity is notable, while availability remains unaffected. Organizations in sectors with high reliance on WordPress for public-facing or internal portals, such as media, education, and government, could face increased risk. The absence of known exploits reduces immediate threat but does not eliminate the risk of future attacks once exploit code becomes available.

European organizations should immediately audit their WordPress installations to identify the presence of the prasannasp Short Link plugin and verify the version in use. Since no official patches are currently available, administrators should consider disabling or uninstalling the plugin until a fix is released. Restrict administrator-level access strictly to trusted personnel and enforce strong authentication mechanisms, including multi-factor authentication, to reduce the risk of credential compromise. Implement web application firewalls (WAFs) with rules to detect and block suspicious input patterns targeting the vulnerable parameters. Conduct regular security reviews and monitoring for unusual activity on WordPress admin interfaces. Educate administrators about the risks of stored XSS and the importance of sanitizing inputs when managing plugin settings. Once a patch is released, prioritize immediate application to eliminate the vulnerability. Additionally, consider implementing Content Security Policy (CSP) headers to mitigate the impact of potential XSS attacks.