CVE-2025-13626 | myLCO Plugin up to 0.8.1 on WordPress $_SERVER[‘PHP_SELF’] cross site scripting

A vulnerability, which was classified as problematic, has been found in myLCO Plugin up to 0.8.1 on WordPress. This affects an unknown function. This manipulation of the argument $_SERVER[‘PHP_SELF’] causes cross site scripting.

This vulnerability appears as CVE-2025-13626. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More