CVE-2025-13512 | CoSign Single Signon Plugin up to 0.3.1 on WordPress $_SERVER[‘PHP_SELF’] cross site scripting

December 4, 2025 Yanac

A vulnerability marked as problematic has been reported in CoSign Single Signon Plugin up to 0.3.1 on WordPress. This vulnerability affects unknown code. Performing manipulation of the argument $_SERVER[‘PHP_SELF’] results in cross site scripting.

This vulnerability is cataloged as CVE-2025-13512. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More