CVE-2025-13895 | Top Position Google Finance Plugin up to 0.1.0 on WordPress $_SERVER[‘PHP_SELF’] cross site scripting

A vulnerability classified as problematic has been found in Top Position Google Finance Plugin up to 0.1.0 on WordPress. Impacted is an unknown function. This manipulation of the argument $_SERVER[‘PHP_SELF’] causes cross site scripting.

This vulnerability appears as CVE-2025-13895. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More