EUVD-2025-15566

Malicious code in bioql PyPI...

CVE-2025-49312

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeRevolution Echo RSS Feed Post Generator Plugin for WordPress rss-feed-post-generator-echo allows Reflected XSS.This issue affects Echo RSS Feed Post Generator Plugin for WordPress: from n/a...

CVE-2025-49312

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeRevolution Echo RSS Feed Post Generator Plugin for WordPress rss-feed-post-generator-echo allows Reflected XSS.This issue affects Echo RSS Feed Post Generator Plugin for WordPress: from n/a...

CVE-2025-49312

CVE-2025-49312 – Reflected Cross-Site Scripting in the WordPress plugin CodeRevolution Echo RSS Feed Post Generator . The vulnerability arises from improper neutralization of input during web page generation, enabling a reflected XSS attack. Affected software: Echo RSS Feed Post Generator Plugin ...

CVE-2025-4391

The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the echogeneratefeaturedimage function in all versions up to, and including, 5.4.8.1. This makes it possible for unauthenticated attackers to upload arbitrary files...

CVE-2024-9265

The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.4.6. This is due to the plugin not properly restricting the roles that can set during registration through the echocheckpostheadersent function. This makes it possib...