CVE-2025-58707 | Axiomthemes Spin Plugin up to 1.8 on WordPress filename control

A vulnerability identified as problematic has been detected in Axiomthemes Spin Plugin up to 1.8 on WordPress. Affected by this issue is some unknown functionality. Performing a manipulation results in improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is cataloged as CVE-2025-58707. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More