A vulnerability classified as critical has been found in Advanced Settings Plugin up to 3.1.1 on WordPress. The affected element is an unknown function of the component Setting Handler. Performing manipulation results in unrestricted upload.
This vulnerability is cataloged as CVE-2025-58996. It is possible to initiate the attack remotely. There is no exploit available.