Shortpixel Enable Media Replace
5 CVEs affecting Shortpixel Enable Media Replace. Latest disclosed: 2026-06-09. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-31081 | High | 7.1 | 2025-04-01 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShortPixel Enable Media Replace enable-media-replace allo… |
CVE-2026-5714 | Medium | 6.4 | 2026-06-09 | The Enable Media Replace plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘location_dir’ parameter in all versions up to, and includin… |
CVE-2025-9496 | Medium | 6.4 | 2025-10-11 | The Enable Media Replace plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file_modified shortcode in all versions up to, and… |
CVE-2026-2732 | Medium | 5.4 | 2026-03-04 | The Enable Media Replace plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the 'RemoveBackGroundVi… |
CVE-2023-6737 | Medium | 4.7 | 2024-01-11 | The Enable Media Replace plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the SHORTPIXEL_DEBUG parameter in all versions up to, and inc… |