A vulnerability identified as problematic has been detected in Axiomthemes Confidant Plugin up to 1.4 on WordPress. This impacts an unknown function. This manipulation causes improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability is registered as CVE-2025-53440 . Remote exploitation of the attack is possible. No exploit is available.