CVE-2025-2257 | Total Upkeep Plugin up to 1.16.10 on WordPress Setting proc_open compression_level command injection
A vulnerability has been found in Total Upkeep Plugin up to 1.16.10 on WordPress and classified as critical. This vulnerability affects the function proc_open of the component Setting Handler. The manipulation of the argument compression_level leads to command injection.
This vulnerability was named CVE-2025-2257. The attack can be initiated remotely. There is no exploit available.