A vulnerability, which was classified as problematic , was found in Magentech SW Core Plugin up to 1.7.18 on WordPress. Impacted is an unknown function. Such manipulation leads to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability is uniquely identified as CVE-2026-39661 . The attack can be launched remotely. No exploit exists.