A vulnerability, which was classified as critical, was found in Review Plugin up to 5.3.5 on WordPress. Affected is the function
register_argc_argv. The manipulation leads to file inclusion.
This vulnerability is traded as CVE-2025-2158. It is possible to launch the attack remotely. There is no exploit available.
