CVE-2025-68877 | Severity.io

Description

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CedCommerce CedCommerce Integration for Good Market allows PHP Local File Inclusion.This issue affects CedCommerce Integration for Good Market: from n/a through 1.0.6.

Related CPE's

Could not find any relations

References

https://vdp.patchstack.com/database/wordpress/plugin/ced-good-market-integration/vulnerability/wordpress-cedcommerce-integration-for-good-market-plugin-1-0-6-local-file-inclusion-vulnerability?_s_id=cve

Weaknesses

[email protected]

Primary

CWE-98

CVSS impact metrics

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.5 · High

CVSS V3.1
CVSS V3.0
CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Received

Published

2025-12-29T16:15:42.870

3 hours ago

Last modified

2025-12-29T16:15:42.870

3 hours ago