CVE Catalog

CVE-2026-57756

HighCVSS 8.5
Published: Updated: Translated: NVD NIST

Summary

The nicen-localize-image plugin version 1.4.9 and earlier contains a SQL injection vulnerability in the Contributor component. This allows an attacker to manipulate database queries.

Risk Assessment

The risk includes unauthorized data access, modification, or deletion, potentially compromising system confidentiality and integrity.

Recommendation

Immediately update the nicen-localize-image plugin to a version newer than 1.4.9 that includes a fix for this vulnerability.

Original NVD description (English source)

Contributor SQL Injection in nicen-localize-image <= 1.4.9 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS