CVE-2025-68552
Awaiting Analysis Awaiting Analysis - Queue
Local File Inclusion in WooCommerce Coming Soon Product

Publication date: 2026-02-20

Last updated on: 2026-04-27

Assigner: Patchstack

Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WebCodingPlace WooCommerce Coming Soon Product with Countdown woo-coming-soon-product allows PHP Local File Inclusion.This issue affects WooCommerce Coming Soon Product with Countdown: from n/a through <= 5.0.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-20
Last Modified
2026-04-27
Generated
2026-06-16
AI Q&A
2026-02-20
EPSS Evaluated
2026-06-14
NVD
CVE-2025-68552
EUVD
EUVD-2025-207922
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
webcodingplace woo_coming_soon_product From 5.0 (inc)
webcodingplace woo_coming_soon_product_with_countdown to 5.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-98 The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-68552 is a Local File Inclusion (LFI) vulnerability found in the WordPress WooCommerce Coming Soon Product with Countdown Plugin versions 5.0 and earlier.

This vulnerability allows an attacker to include and display local files from the target website by exploiting improper control of filename parameters in PHP include/require statements.

An attacker with subscriber-level privileges can exploit this flaw to access sensitive files on the server.

Impact Analysis

[{'type': 'paragraph', 'content': 'Exploitation of this vulnerability can lead to exposure of sensitive information such as database credentials.'}, {'type': 'paragraph', 'content': "Depending on the website's configuration, an attacker could potentially take over the entire database."}, {'type': 'paragraph', 'content': 'This can result in severe security breaches including data theft, unauthorized access, and further compromise of the website.'}] [1]

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability allows an attacker to include and display local files via the WooCommerce Coming Soon Product with Countdown Plugin versions 5.0 and earlier. Detection can involve monitoring for suspicious HTTP requests attempting to exploit Local File Inclusion (LFI) patterns targeting this plugin.'}, {'type': 'list_item', 'content': 'Check web server logs for requests containing suspicious parameters that include local file paths or traversal sequences (e.g., ../).'}, {'type': 'list_item', 'content': 'Use commands like grep to search access logs for common LFI payloads, for example: grep -iE "(\\.{2}/|etc/passwd|php://)" /var/log/apache2/access.log'}, {'type': 'list_item', 'content': 'Employ web application firewall (WAF) logs or rules provided by Patchstack to detect and block exploitation attempts.'}] [1]

Mitigation Strategies

The most effective immediate step is to update the WooCommerce Coming Soon Product with Countdown Plugin to version 5.1 or later, where this vulnerability is patched.

Until the update can be applied, users should implement the mitigation rules provided by Patchstack to block attacks targeting this vulnerability.

Enabling automatic vulnerability mitigation and auto-update features for affected plugins can also help reduce risk.

Additionally, monitor your systems for suspicious activity and restrict subscriber-level privileges where possible to limit exploitation potential.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68552. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart