CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
What the vulnerability does
The Enable Media Replace plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the 'RemoveBackGroundViewController::load' function in all versions up to, and including, 4.1.7. This makes it possible for authenticated attackers, with Author-level access and above, to replace any attachment with a removed background attachment.
Explanation of Vulnerability in Simple Terms
Enable Media Replace versions 4.1.7 and earlier lack proper authorization checks, allowing authenticated users with low privileges to modify or delete media files they should not have access to. The vulnerability affects the plugin's core file replacement functionality. Site administrators should update to a version newer than 4.1.7 to restore proper access controls.
What an attacker can do
Modify or delete media files belonging to other users or restricted content areas.
Potential impact on your site
Unauthorized users can corrupt, replace, or remove media assets, potentially disrupting site content and user trust.
Conditions required to exploit
Attacker must have a low-privilege WordPress account (e.g., contributor or subscriber role).
Key dates
External resources
Related vulnerabilities
