A vulnerability identified as problematic has been detected in wpvividplugins WPvivid Plugin up to 0.9.128 on WordPress. The impacted element is the function delete_cancel_staging_site of the component Path Validation Handler . The manipulation leads to file inclusion. This vulnerability is referenced as CVE-2025-12656 . Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.