CVE-2025-58879 | AncoraThemes Festy Plugin up to 1.13.0 on WordPress filename control

A vulnerability was found in AncoraThemes Festy Plugin up to 1.13.0 on WordPress. It has been declared as critical. This affects an unknown part. Such manipulation leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is documented as CVE-2025-58879. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More