A vulnerability identified as critical has been detected in Edge-mes Overworld Plugin up to 1.5 on WordPress. Affected is an unknown function of the component Include/Require Statement. The manipulation of the argument filename leads to file inclusion.

This vulnerability is documented as CVE-2026-57800. The attack can be initiated remotely. There is not any exploit available.