CVE-2025-58931 | axiomthemes Palatio Plugin up to 1.6 on WordPress filename control

A vulnerability was found in axiomthemes Palatio Plugin up to 1.6 on WordPress and classified as critical. The affected element is an unknown function. Executing manipulation can lead to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is tracked as CVE-2025-58931. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More