CVE-2025-58885 | AncoraThemes Pathfinder Plugin up to 1.16 on WordPress filename control

A vulnerability was found in AncoraThemes Pathfinder Plugin up to 1.16 on WordPress. It has been classified as critical. Affected by this issue is some unknown functionality. This manipulation causes improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is registered as CVE-2025-58885. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More