CVE-2025-31081 WordPress Enable Media Replace plugin <= 4.1.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ShortPixel Enable Media Replace enable-media-replace allows Reflected XSS.This issue affects Enable Media Replace: from n/a through = 4.1.5...

CVE-2022-46850

Auth. author+ Broken Access Control vulnerability leading to Arbitrary File Deletion in Nabil Lemsieh Easy Media Replace plugin = 0.1.3 versions...

Improper access control

Auth. author+ Broken Access Control vulnerability leading to Arbitrary File Deletion in Nabil Lemsieh Easy Media Replace plugin = 0.1.3 versions...

CVE-2022-46850 WordPress Easy Media Replace Plugin <= 0.1.3 is vulnerable to Arbitrary File Deletion

Auth. author+ Broken Access Control vulnerability leading to Arbitrary File Deletion in Nabil Lemsieh Easy Media Replace plugin = 0.1.3 versions...

Enable Media Replace Plugin for WordPress < 4.0.2 Arbitrary File Upload

The WordPress Enable Media Replace Plugin installed on the remote host is affected by a arbitrary file upload vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...

WordPress Enable Media Replace Plugin - Multiple Vulnerabilities

In general, impact of this plugin is information retrieval and manipulation, arbitrary code execution. More details: there exist multiple vulnerabilities in Enable Media Replace plugin for WordPress: 1. Users can perform SQL injection attacks against the plugin. 2. Users can upload arbitrary file...