WordPress Plugin 'Hello Dolly' Allows Unauthorized File Access

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

WordPress Plugin 'Hello Dolly' Allows Unauthorized File Access

ECHO-0786-47fc-4824

Summary

A security issue in the 'Hello Dolly' plugin for WordPress allows attackers to access and read arbitrary files on the server. This could potentially lead to sensitive information being exposed. To fix this, update the plugin to the latest version or remove it if unnecessary.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
–	binutils	All versions	–

Original title

ECHO-0786-47fc-4824

https://advisory.echohq.com/cve/CVE-2025-69647 URL

Published: 10 Mar 2026 · Updated: 14 Mar 2026 · First seen: 10 Mar 2026