Unrated severityNVD Advisory· Published Jan 28, 2026· Updated Jan 29, 2026
AI (Artificial Intelligence) - Moderately critical - Cross-Site Scripting - SA-CONTRIB-2025-119
CVE-2025-13981
Description
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal AI (Artificial Intelligence) allows Cross-Site Scripting (XSS).This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.7, from 1.1.0 before 1.1.7, from 1.2.0 before 1.2.4.
Affected products
2- Range: <1.0.7,>=1.1.0,<1.1.7,>=1.2.0,<1.2.4Package: https://wordpress.org/plugins/ai
- Range: <1.0.7, >=1.1.0 <1.1.7, >=1.2.0 <1.2.4
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.