CVE-2025-13701 | Shabat Keeper Plugin up to 0.4.4 on WordPress $_SERVER[‘PHP_SELF’] cross site scripting

January 9, 2026 Yanac

A vulnerability, which was classified as problematic, has been found in Shabat Keeper Plugin up to 0.4.4 on WordPress. The impacted element is an unknown function. Performing a manipulation of the argument $_SERVER[‘PHP_SELF’] results in cross site scripting.

This vulnerability is known as CVE-2025-13701. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More