CVE-2026-1298

The Easy Replace Image plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.5.2. This is due to missing capability checks on the imagereplacementfromurl function that is hooked to the erifromurl AJAX action. This makes it possible for authenticated...

EUVD-2026-4865

The Easy Replace Image plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.5.2. This is due to missing capability checks on the imagereplacementfromurl function that is hooked to the erifromurl AJAX action. This makes it possible for authenticated...

CVE-2026-1298

The Easy Replace Image plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.5.2. This is due to missing capability checks on the imagereplacementfromurl function that is hooked to the erifromurl AJAX action. This makes it possible for authenticated...

CVE-2026-1298 Easy Replace Image <= 3.5.2 - Missing Authorization to Authenticated (Contributor+) Arbitrary Attachment Replacement

The Easy Replace Image plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.5.2. This is due to missing capability checks on the imagereplacementfromurl function that is hooked to the erifromurl AJAX action. This makes it possible for authenticated...

CVE-2026-1298 Easy Replace Image <= 3.5.2 - Missing Authorization to Authenticated (Contributor+) Arbitrary Attachment Replacement

The Easy Replace Image plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.5.2. This is due to missing capability checks on the imagereplacementfromurl function that is hooked to the erifromurl AJAX action. This makes it possible for authenticated...

CVE-2026-1298

The CVE-2026-1298 entry refers to the WordPress plugin Easy Replace Image (

WordPress Easy Replace Image plugin <= 3.5.2 - Missing Authorization to Authenticated (Contributor+) Arbitrary Attachment Replacement vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary Attachment Replacement vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Easy Replace Image versions = 3.5.2...

WordPress plugin Easy Replace Image has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-5061

The Easy Replace Image plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.5.2. This is due to missing capability checks on the image replacement from url function that is hooked to the eri from url AJAX action. This makes it possible for...

EUVD-2025-13838

Malicious code in bioql PyPI...

CVE-2025-47483

Server-Side Request Forgery SSRF vulnerability in Iulia Cazan Easy Replace Image easy-replace-image allows Server Side Request Forgery.This issue affects Easy Replace Image: from n/a through = 3.5.0...

CVE-2025-47483

Server-Side Request Forgery SSRF vulnerability in Iulia Cazan Easy Replace Image easy-replace-image allows Server Side Request Forgery.This issue affects Easy Replace Image: from n/a through = 3.5.0...

CVE-2025-47483 WordPress Easy Replace Image <= 3.5.0 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery SSRF vulnerability in Iulia Cazan Easy Replace Image allows Server Side Request Forgery. This issue affects Easy Replace Image: from n/a through 3.5.0...

CVE-2025-47483

CVE-2025-47483 is a SSRF vulnerability in the WordPress plugin Easy Replace Image (versions

CVE-2025-47483 WordPress Easy Replace Image plugin <= 3.5.0 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery SSRF vulnerability in Iulia Cazan Easy Replace Image easy-replace-image allows Server Side Request Forgery.This issue affects Easy Replace Image: from n/a through = 3.5.0...

WordPress Easy Replace Image plugin <= 3.5.0 - Server Side Request Forgery (SSRF) Vulnerability

Server Side Request Forgery SSRF Vulnerability discovered by theviper17 in WordPress Plugin Easy Replace Image versions = 3.5.0...

PT-2025-20110 · Unknown · Iulia Cazan Easy Replace Image

Name of the Vulnerable Software and Affected Versions: Iulia Cazan Easy Replace Image versions prior to 3.5.0 Description: The issue is related to a Server-Side Request Forgery SSRF vulnerability, which allows for Server Side Request Forgery. Recommendations: For versions prior to 3.5.0, update t...

WordPress plugin Easy Replace Image 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...