WordPress Plugin Enable Media Replace is prone to an SQL injection vulnerability and an arbitrary file upload vulnerability because it fails to sanitize user-supplied data. Exploiting these issues could allow an attacker to compromise the application, execute arbitrary code, access or modify data, or exploit latent vulnerabilities in the underlying database. WordPress Plugin Enable Media Replace version 2.3 is vulnerable; other versions may also be affected.
Update to plugin version 2.4 or latest
WordPress Plugin Contact Form Check Tester Cross-Site Scripting (1.0.2)
WordPress Plugin Popup Modal For Youtube Cross-Site Scripting (1.0.1)
WordPress Plugin WooCommerce Anti-Fraud Security Bypass (3.2)
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Multiple Vulnerabilities (4.0.3)
WordPress Plugin Mass Pages/Posts Creator Cross-Site Scripting (1.2.2)