cvedb.io
CVE-2023-0255
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2023-02-13T15:15:21.243 · Last modified 2026-06-17T05:25:08.180

Summary

The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites.

Affected products

shortpixel — enable_media_replace

Does this affect you?

Add your gear to cvedb and we'll alert you only when shortpixel ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.