Nixpkgs Security Tracker

Permalink CVE-2025-53432

8.1 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 2 months ago

WordPress Echo theme <= 1.15.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Echo echo allows PHP Local File Inclusion.This issue affects Echo: from n/a through <= 1.15.0.

References

Affected products

echo

=<<= 1.15.0

Matching in nixpkgs

pkgs.echoip

IP address lookup service

nixos-unstable 0-unstable-2023-05-21
- nixpkgs-unstable 0-unstable-2023-05-21
- nixos-unstable-small 0-unstable-2023-05-21

pkgs.client-ip-echo

accepts TCP connections and echoes the client's IP address back to it

nixos-unstable 0.1.0.5
- nixpkgs-unstable 0.1.0.5
- nixos-unstable-small 0.1.0.5

pkgs.vkdevicechooser

Vulkan layer to force a specific device to be used

nixos-unstable 1.1
- nixpkgs-unstable 1.1
- nixos-unstable-small 1.1

pkgs.haskellPackages.echo

A cross-platform, cross-console way to handle echoing terminal input

nixos-unstable 0.1.4
- nixpkgs-unstable 0.1.4
- nixos-unstable-small 0.1.4

pkgs.python312Packages.echo

Callback Properties in Python

nixos-unstable 0.11.0
- nixpkgs-unstable 0.11.0
- nixos-unstable-small 0.11.1

pkgs.python313Packages.echo

Callback Properties in Python

nixos-unstable 0.11.0
- nixpkgs-unstable 0.11.0
- nixos-unstable-small 0.11.1

pkgs.vimPlugins.lspecho-nvim

None

pkgs.python312Packages.llm-echo

Debug plugin for LLM

nixos-unstable 0.3a3
- nixpkgs-unstable 0.3a3
- nixos-unstable-small 0.3a3

pkgs.python313Packages.llm-echo