A vulnerability identified as critical has been detected in WebCodingPlace Responsive Posts Carousel Pro Plugin up to 15.1 on WordPress. This vulnerability affects unknown code. Performing manipulation results in improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is identified as CVE-2025-68996. The attack can be initiated remotely. There is not any exploit available.