WordPress Plugin 'ECHO' Allows Unauthorized File Uploads

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

WordPress Plugin 'ECHO' Allows Unauthorized File Uploads

ECHO-f779-bf6a-ba8e

Summary

A security issue in the ECHO plugin for WordPress allows attackers to upload malicious files, potentially leading to unauthorized actions on your website. This could compromise your site's security and data. Update the plugin to the latest version to fix this issue.

What to do

Update openssl to version 3.0.19-1~deb12u2.

Affected software

Vendor	Product	Affected versions	Fix available
–	openssl	<= 3.0.19-1~deb12u2	3.0.19-1~deb12u2

Original title

ECHO-f779-bf6a-ba8e

https://advisory.echohq.com/cve/CVE-2026-31789 URL

Published: 8 Apr 2026 · Updated: 8 Apr 2026 · First seen: 8 Apr 2026