Shortpixel Enable Media Replace

5 CVEs affecting Shortpixel Enable Media Replace. Latest disclosed: 2026-06-09. Critical: 0, High: 1.

Top CVEs affecting Shortpixel Enable Media Replace
CVESeverityScorePublishedSummary
CVE-2025-31081High7.12025-04-01Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShortPixel Enable Media Replace enable-media-replace allo…
CVE-2026-5714Medium6.42026-06-09The Enable Media Replace plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘location_dir’ parameter in all versions up to, and includin…
CVE-2025-9496Medium6.42025-10-11The Enable Media Replace plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file_modified shortcode in all versions up to, and…
CVE-2026-2732Medium5.42026-03-04The Enable Media Replace plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the 'RemoveBackGroundVi…
CVE-2023-6737Medium4.72024-01-11The Enable Media Replace plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the SHORTPIXEL_DEBUG parameter in all versions up to, and inc…