CVE-2025-14132 | Category Dropdown List Plugin up to 1.0 on WordPress $_SERVER[‘PHP_SELF’] cross site scripting

December 11, 2025 Yanac

A vulnerability, which was classified as problematic, was found in Category Dropdown List Plugin up to 1.0 on WordPress. This affects an unknown function. The manipulation of the argument $_SERVER[‘PHP_SELF’] results in cross site scripting.

This vulnerability is cataloged as CVE-2025-14132. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More