Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShortPixel Enable Media Replace allows Stored XSS.
This issue affects Enable Media Replace: from n/a through 4.2.1.
This issue affects Enable Media Replace: from n/a through 4.2.1.
Project Subscriptions
No data.
Advisories
No advisories yet.
Fixes
Solution
Update the WordPress Enable Media Replace Plugin to the latest available version (at least 4.2.2).
Workaround
No workaround given by the vendor.
References
History
Wed, 01 Jul 2026 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShortPixel Enable Media Replace allows Stored XSS. This issue affects Enable Media Replace: from n/a through 4.2.1. | |
| Title | WordPress Enable Media Replace plugin <= 4.2.1 - Cross Site Scripting (XSS) vulnerability | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-07-01T17:07:22.030Z
Reserved: 2026-06-25T08:04:13.263Z
Link: CVE-2026-57722
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses