VYPR

Echo

by Nextapp

CVEs (3)

  • CVE-2025-53432HigDec 18, 2025
    risk 0.53cvss 8.1epss 0.00

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Echo echo allows PHP Local File Inclusion.This issue affects Echo: from n/a through <= 1.15.0.

  • CVE-2009-5135May 2, 2013
    risk 0.04cvss epss 0.10

    The Java XML parser in Echo before 2.1.1 and 3.x before 3.0.b6 allows remote attackers to read arbitrary files via a request containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

  • CVE-2015-8007Nov 9, 2015
    risk 0.00cvss epss 0.02

    The Echo extension for MediWiki does not properly implement the hideuser functionality, which allows remote authenticated users to see hidden usernames in "non-revision based" notifications, as demonstrated by viewing a hidden username in a Thanks notification.