CVE-2025-58923 | axiomthemes Critique Plugin up to 1.17 on WordPress filename control

A vulnerability has been found in axiomthemes Critique Plugin up to 1.17 on WordPress and classified as critical. This affects an unknown part. This manipulation causes improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is tracked as CVE-2025-58923. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More