A vulnerability classified as problematic has been found in Select-mes Tonda Plugin up to 2.5 on WordPress. Affected is an unknown function. Performing a manipulation of the argument filename results in file inclusion.
This vulnerability is cataloged as CVE-2026-57805. It is possible to initiate the attack remotely. There is no exploit available.