CVE-2025-58889 | axiomthemes Towny Plugin up to 1.16 on WordPress filename control

A vulnerability was found in axiomthemes Towny Plugin up to 1.16 on WordPress. It has been rated as critical. This vulnerability affects unknown code. Performing manipulation results in improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is reported as CVE-2025-58889. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More