VYPR

Easy Replace Image

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-47483MedMay 7, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Iulia Cazan Easy Replace Image easy-replace-image allows Server Side Request Forgery.This issue affects Easy Replace Image: from n/a through <= 3.5.0.

  • CVE-2026-1298MedJan 28, 2026
    risk 0.28cvss 4.3epss 0.00

    The Easy Replace Image plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.5.2. This is due to missing capability checks on the `image_replacement_from_url` function that is hooked to the `eri_from_url` AJAX action. This makes it…