Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShortPixel Enable Media Replace allows Stored XSS.
This issue affects Enable Media Replace: from n/a through 4.2.1.
This issue affects Enable Media Replace: from n/a through 4.2.1.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
Vendor Solution
Update the WordPress Enable Media Replace Plugin to the latest available version (at least 4.2.2).
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Wed, 01 Jul 2026 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShortPixel Enable Media Replace allows Stored XSS. This issue affects Enable Media Replace: from n/a through 4.2.1. | |
| Title | WordPress Enable Media Replace plugin <= 4.2.1 - Cross Site Scripting (XSS) vulnerability | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-07-01T17:07:22.030Z
Reserved: 2026-06-25T08:04:13.263Z
Link: CVE-2026-57722
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses