CVE-2025-26894

Name of the Vulnerable Software and Affected Versions NotFound Coming Soon, Maintenance Mode versions n/a through 1.1.1

Description The issue is related to Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP Local File Inclusion in NotFound Coming Soon, Maintenance Mode.

Recommendations For versions n/a through 1.1.1, update to a version that fixes the Improper Control of Filename for Include/Require Statement in PHP Program vulnerability. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.