CVE-2025-13895
The CVE-2025-13895 affects the Top Position Google Finance plugin for WordPress. It is a Reflected Cross-Site Scripting flaw caused by insufficient input sanitization and output escaping in the use of $_SERVER['PHP_SELF'], impacting all versions up to 0.1.0. The vulnerability allows unauthenticat...