Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/19 6:9 a.m.13 views

CVE-2025-4391

The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the echogeneratefeaturedimage function in all versions up to, and including, 5.4.8.1. This makes it possible for unauthenticated attackers to upload arbitrary files...

9.8CVSS8.1AI score0.00637EPSS
Exploits0References1
circl
circl
added 2025/05/17 6:43 a.m.29 views

CVE-2025-4391

creationtimestamp| type| source ---|---|--- 2025-05-17 06:43:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpdwv3cpri2p 2025-05-17 17:01:23+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpezaisxuej2...

9.8CVSS7AI score0.00637EPSS
Exploits0References2
nvd
nvd
added 2025/05/17 6:15 a.m.31 views

CVE-2025-4391

The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the echogeneratefeaturedimage function in all versions up to, and including, 5.4.8.1. This makes it possible for unauthenticated attackers to upload arbitrary files...

9.8CVSS0.00637EPSS
Exploits0References2
cve
cve
added 2025/05/17 5:30 a.m.64 views

CVE-2025-4391

The CVE-2025-4391 in Echo RSS Feed Post Generator for WordPress is a result of missing file type validation in the echo_generate_featured_image() function across all versions up to 5.4.8.1, enabling unauthenticated arbitrary file uploads and potentially remote code execution. Connected sources co...

9.8CVSS9.8AI score0.00637EPSS
Exploits0References2
patchstack
patchstack
added 2025/05/16 10:9 p.m.12 views

WordPress Echo RSS Feed Post Generator plugin <= 5.4.8.1 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by Foxyyy in WordPress Plugin Echo RSS Feed Post Generator Plugin for WordPress versions = 5.4.8.1...

9.8CVSS8.4AI score0.00637EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder