17 matches found
EUVD-2024-49817
Malicious code in bioql PyPI...
EUVD-2025-15566
Malicious code in bioql PyPI...
EUVD-2025-28293
Malicious code in bioql PyPI...
CVE-2025-49312
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeRevolution Echo RSS Feed Post Generator Plugin for WordPress rss-feed-post-generator-echo allows Reflected XSS.This issue affects Echo RSS Feed Post Generator Plugin for WordPress: from n/a...
CVE-2025-49312
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeRevolution Echo RSS Feed Post Generator Plugin for WordPress rss-feed-post-generator-echo allows Reflected XSS.This issue affects Echo RSS Feed Post Generator Plugin for WordPress: from n/a...
CVE-2025-49312
CVE-2025-49312 – Reflected Cross-Site Scripting in the WordPress plugin CodeRevolution Echo RSS Feed Post Generator . The vulnerability arises from improper neutralization of input during web page generation, enabling a reflected XSS attack. Affected software: Echo RSS Feed Post Generator Plugin ...
CVE-2025-49312 WordPress Echo RSS Feed Post Generator Plugin for WordPress plugin <= 5.4.8.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeRevolution Echo RSS Feed Post Generator Plugin for WordPress rss-feed-post-generator-echo allows Reflected XSS.This issue affects Echo RSS Feed Post Generator Plugin for WordPress: from n/a...
PT-2025-25705 · WordPress · Coderevolution Echo Rss Feed Post Generator Plugin
Name of the Vulnerable Software and Affected Versions: CodeRevolution Echo RSS Feed Post Generator Plugin for WordPress versions through 5.4.8.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for...
CVE-2025-4391
The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the echogeneratefeaturedimage function in all versions up to, and including, 5.4.8.1. This makes it possible for unauthenticated attackers to upload arbitrary files...
CVE-2025-4391 Echo RSS Feed Post Generator <= 5.4.8.1 - Unauthenticated Arbitrary File Upload
The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the echogeneratefeaturedimage function in all versions up to, and including, 5.4.8.1. This makes it possible for unauthenticated attackers to upload arbitrary files...
WordPress plugin Echo RSS Feed Post Generator 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
WordPress Echo RSS Feed Post Generator plugin <= 5.4.6 - Unauthenticated Privilege Escalation vulnerability
Unauthenticated Privilege Escalation vulnerability discovered by Tonn in WordPress Plugin Echo RSS Feed Post Generator Plugin for WordPress versions = 5.4.6...
CVE-2024-9265
The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.4.6. This is due to the plugin not properly restricting the roles that can set during registration through the echocheckpostheadersent function. This makes it possib...
CVE-2024-9265
The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.4.6. This is due to the plugin not properly restricting the roles that can set during registration through the echocheckpostheadersent function. This makes it possib...
CVE-2024-9265
CVE-2024-9265 describes a privilege-escalation in the WordPress plugin Echo RSS Feed Post Generator . The vulnerability arises because the plugin does not properly restrict which roles can be set during registration via the echo_check_post_header_sent() function, enabling unauthenticated attacker...
VulnCheck KEV: CVE-2024-9265
The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.4.6. This is due to the plugin not properly restricting the roles that can set during registration through the echocheckpostheadersent function. This makes...
WordPress Echo RSS Feed Post Generator Plugin for WordPress Plugin <= 5.4.6 is vulnerable to Privilege Escalation
Software Echo RSS Feed Post Generator Plugin for WordPress Type Plugin Vulnerable versions = 5.4.6 Fixed in 5.4.7 OWASP Top 10 A4: Insecure Design Classification Privilege Escalation CVE CVE-2024-9265 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 2e4345a54622 Credits...