CVE-2025-58937

Name of the Vulnerable Software and Affected Versions axiomthemes Tacticool versions through 1.0.13

Description An issue exists in axiomthemes Tacticool that allows for PHP Local File Inclusion due to Improper Control of Filename for Include/Require Statement. This impacts the application's handling of file inclusion operations. The vulnerability allows an attacker to potentially include and execute arbitrary PHP files on the server.

Recommendations Update axiomthemes Tacticool to a version greater than 1.0.13.