CVE-2026-0813 is a stored Cross-Site Scripting (XSS) vulnerability identified in the prasannasp Short Link plugin for WordPress, affecting all versions up to and including 1.0. The vulnerability stems from improper neutralization of input during web page generation, specifically in the handling of the 'short_link_post_title' and 'short_link_page_title' parameters. Due to insufficient input sanitization and lack of output escaping, authenticated users with administrator-level privileges can inject arbitrary JavaScript code into pages generated by the plugin. This malicious code is stored persistently and executed in the browsers of any users who visit the affected pages, potentially leading to session hijacking, credential theft, or unauthorized actions performed on behalf of the victim. The vulnerability requires high privileges (administrator or above) to exploit and does not require user interaction once the malicious script is injected. The CVSS v3.1 base score is 4.4, reflecting medium severity, with attack vector being network, attack complexity high, privileges required high, no user interaction, and scope changed due to potential impact beyond the vulnerable component. No patches or official fixes are currently listed, and no known exploits have been reported in the wild as of the publication date. The vulnerability is categorized under CWE-79, which covers improper neutralization of input leading to XSS attacks. Given the widespread use of WordPress and the potential for privilege escalation or lateral movement within compromised sites, this vulnerability warrants attention from site administrators and security teams.

The primary impact of CVE-2026-0813 is the potential for stored XSS attacks on WordPress sites using the prasannasp Short Link plugin. Successful exploitation allows an attacker with administrator privileges to inject malicious scripts that execute in the context of any user visiting the affected pages. This can lead to theft of session cookies, enabling account takeover, unauthorized actions performed with the victim's privileges, defacement of website content, or distribution of malware. Although exploitation requires high privileges, the risk is significant in environments where multiple administrators or privileged users exist, as a compromised administrator account could be leveraged to escalate attacks. The vulnerability affects confidentiality and integrity but not availability. Organizations relying on this plugin may face reputational damage, data breaches, and compliance issues if exploited. The absence of known exploits in the wild reduces immediate risk but does not eliminate the threat, especially as attackers often target WordPress plugins due to their popularity. The scope of affected systems is limited to WordPress sites using this specific plugin, but given WordPress's global market share, the potential impact is broad.

To mitigate CVE-2026-0813, organizations should first verify if they use the prasannasp Short Link plugin and assess the version in use. Since no official patch is currently available, immediate mitigation steps include restricting administrator-level access to trusted personnel only and auditing existing administrator accounts for suspicious activity. Implement strict input validation and output encoding for the affected parameters ('short_link_post_title' and 'short_link_page_title') by applying custom filters or security plugins that sanitize inputs and escape outputs properly. Employ Web Application Firewalls (WAFs) with rules designed to detect and block XSS payloads targeting these parameters. Regularly monitor logs and user activity for signs of script injection or anomalous behavior. Educate administrators on the risks of XSS and the importance of secure plugin management. Once a patch or updated plugin version is released, promptly apply it. Additionally, consider disabling or replacing the plugin if it is not essential to reduce attack surface. Conduct periodic security assessments and penetration testing focused on plugin vulnerabilities to proactively identify and remediate similar issues.