Return to CVE list

CVE-2025-26889

7.5
Critical

CVE-2025-26889

audit@patchstack.com
Awaiting Analysis
View on MITREFind on GitHub

Description

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound hockeydata LOS allows PHP Local File Inclusion. This issue affects hockeydata LOS: from n/a through 1.2.4.

Exploits

No known exploits found for this CVE.

Search Exploit-DB

References

audit@patchstack.com
https://patchstack.com/database/wordpress/plugin/hockeydata-los/vulnerability/wordpress-hockeydata-los-plugin-1-2-4-local-file-inclusion-vulnerability?_s_id=cve