A vulnerability marked as critical has been reported in Select-mes Struktur Core Plugin up to 2.5.1 on WordPress. This affects an unknown function. This manipulation of the argument filename causes file inclusion.

This vulnerability is tracked as CVE-2026-57803. The attack is possible to be carried out remotely. No exploit exists.