A vulnerability labeled as critical has been found in Iptanus File Upload Plugin up to 5.1.6 on WordPress. Affected is an unknown function of the component Setting Handler . The manipulation of the argument duplicatepolicy results in race condition. This vulnerability is reported as CVE-2025-15546 . The attack can be launched remotely. No exploit exists. The affected component should be upgraded.