CVE-2025-4391 | CodeRevolution Echo RSS Feed Post Generator Plugin up to 5.4.8.1 on WordPress echo_generate_featured_image unrestricted upload

Inserito da Angelo Barbosa | Mag 16, 2025 | CVE

A vulnerability was found in CodeRevolution Echo RSS Feed Post Generator Plugin up to 5.4.8.1 on WordPress. It has been classified as critical. This affects the function echo_generate_featured_image. The manipulation leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2025-4391. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-4391 | CodeRevolution Echo RSS Feed Post Generator Plugin up to 5.4.8.1 on WordPress echo_generate_featured_image unrestricted upload

Post correlati

CVE-2024-47761 | GLPI up to 10.0.16 Notification improper authentication (GHSA-x794-564w-vgxx)

CVE-2024-26788 | Linux Kernel up to 6.7.8 fsl-qdma initialization

CVE-2024-53093 | Linux Kernel up to 6.1.117/6.6.61/6.11.8 nvme-multipath scan_work deadlock

CVE-2024-54275 | Wibergs Web CSV to HTML Plugin up to 3.04 on WordPress cross site scripting