A vulnerability, which was classified as critical, has been found in Adrian Tobey Groundhogg Plugin up to 4.4.1 on WordPress. Affected is an unknown function. This manipulation causes path traversal.

The identification of this vulnerability is CVE-2026-57389. It is possible to initiate the attack remotely. There is no exploit available.