cleantalk
Vulnerabilities and Security Researches

Enable Media Replace, f4b1dd6a3e69c6d6edbf516b825332a3724c8798

CVE, Research URL

f4b1dd6a3e69c6d6edbf516b825332a3724c8798

Home page URL

Security reports for Enable Media Replace

Application

Enable Media Replace

Published on
Sep 15, 2023
Research Description
Enable Media Replace [enable-media-replace] < 4.1.3 WordPress Enable Media Replace Plugin < 4.1.3 is vulnerable to PHP Object Injection Update the WordPress Enable Media Replace plugin to the latest available version (at least 4.1.3). Unknown discovered and reported this PHP Object Injection vulnerability in WordPress Enable Media Replace Plugin. This could allow a malicious actor to execute code injection, SQL injection, path traversal, denial of service, and more if a proper POP chain is present. This vulnerability has been fixed in version 4.1.3.
Affected versions
max 4.1.3.
Status
vulnerable
Previous vulnerability researches
Enable Media Replace , May 26, 2026
Enable Media Replace (2071476a-d6de-4035-82e5-a85f73f3e3d3) , Jun 16, 2026
Enable Media Replace (df3e2fab6a5af3b9e0d27a3576fbf0a2a4fd63ea) , Jun 16, 2026
Enable Media Replace (f4b1dd6a3e69c6d6edbf516b825332a3724c8798) , Jun 16, 2026
Enable Media Replace (CVE-2026-2732) , Apr 14, 2026
New vulnerability
wpDataTables &#8211; WordPress Data Table, Dynamic Tables &amp; Table Charts Plugin (CVE-2026-54825) , Jun 24, 2026
Interactive Content – H5P (CVE-2026-56006) , Jun 24, 2026
Transbank Webpay REST (CVE-2026-6858) , Jun 24, 2026
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2026-4610) , Jun 24, 2026
Paymob for WooCommerce (CVE-2026-56025) , Jun 24, 2026