A vulnerability labeled as problematic has been found in Axiomthemes Crafti Plugin up to 1.12 on WordPress. Affected is an unknown function. Such manipulation leads to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability is documented as CVE-2025-58705 . The attack can be executed remotely. There is not any exploit available.