Impact
The AI Chatbot & Workflow Automation by AIWU plugin permits unauthenticated attackers to inject arbitrary JavaScript through an incorrectly sanitized 'X-Forwarded-For' HTTP header. The injected code is stored server-side and executed whenever a user views a page that contains the stored value, giving potential for data theft, click-jacking, or session hijacking. Practical exploitation is limited by a 20-character storage cap on the header value, but even short payloads can load malicious scripts, compromise user accounts, or spread to other sites via cross-site attacks. The weakness stems from insufficient input validation and output neutralization (CWE-79).
Affected Systems
WordPress sites running the AI Chatbot & Workflow Automation by AIWU plugin (vendor wupsales) in versions 1.4.14 or earlier are affected. The vulnerability is specific to the plugin code and does not affect core WordPress or unrelated plugins.
Risk and Exploitability
The CVSS score is 6.4, indicating moderate severity. EPSS is not available, so the current exploitation probability cannot be quantified; the issue is not listed in the CISA KEV catalog. The likely attack vector is an HTTP request that includes a malicious 'X-Forwarded-For' header, which any network device or proxy might forward. Attackers need not authenticate; they only need to craft the header so that a short script is persisted in the plugin's storage. The impact is limited to sites with the vulnerable plugin, but once a script is executed in a user's browser it can compromise any site session accessed from the same machine.
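The stored-XSS pattern the advisory describes, shown as an added illustration that is not the plugin's own code, next to a hardened form that validates the header as an IP address before storage and escapes on output. The function names, the option key and the use of update_option()/get_option() for persistence are assumptions; the page does not say how the plugin stores the value.

```php
<?php
// Added illustration, not code from the AIWU plugin. Function names and the
// option key are hypothetical; update_option/get_option/esc_html are WordPress APIs.

// Unsafe pattern: the raw header value is persisted (truncated to the 20-character
// cap mentioned in the advisory) and later echoed into HTML without escaping.
function aiwu_demo_store_visitor_ip_unsafe(): void {
    $raw = $_SERVER['HTTP_X_FORWARDED_FOR'] ?? '';
    update_option('aiwu_demo_last_ip', substr($raw, 0, 20)); // stored verbatim
}
function aiwu_demo_render_unsafe(): void {
    echo '<span>' . get_option('aiwu_demo_last_ip', '') . '</span>'; // no escaping
}

// Hardened: treat X-Forwarded-For as untrusted input, keep only a syntactically
// valid IP address, and escape on output regardless of what was stored.
function aiwu_demo_client_ip_from_xff(string $header): ?string {
    // X-Forwarded-For is a comma-separated chain; the left-most entry is the
    // originating client as claimed by the proxies (still attacker-controlled,
    // so it is only meaningful behind a proxy you trust to set it).
    $first = trim(explode(',', $header, 2)[0]);
    return filter_var($first, FILTER_VALIDATE_IP) === false ? null : $first;
}
function aiwu_demo_store_visitor_ip(): void {
    $ip = aiwu_demo_client_ip_from_xff($_SERVER['HTTP_X_FORWARDED_FOR'] ?? '');
    // Fall back to the socket peer address when the header is absent or malformed.
    if ($ip === null) {
        $ip = aiwu_demo_client_ip_from_xff($_SERVER['REMOTE_ADDR'] ?? '') ?? 'unknown';
    }
    update_option('aiwu_demo_last_ip', $ip);
}
function aiwu_demo_render(): void {
    // esc_html() neutralizes HTML metacharacters; keep it even for validated data
    // so a future change to the storage path cannot reintroduce the bug.
    echo '<span>' . esc_html(get_option('aiwu_demo_last_ip', '')) . '</span>';
}
```

Validating the value as an IP address rejects any header containing markup, and escaping at render time protects pages that display values stored before the fix was applied.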
OpenCVE Enrichment