CVE Catalog
CVE-2026-57756
HighCVSS 8.5Summary
The nicen-localize-image plugin version 1.4.9 and earlier contains a SQL injection vulnerability in the Contributor component. This allows an attacker to manipulate database queries.
Risk Assessment
The risk includes unauthorized data access, modification, or deletion, potentially compromising system confidentiality and integrity.
Recommendation
Immediately update the nicen-localize-image plugin to a version newer than 1.4.9 that includes a fix for this vulnerability.
Original NVD description (English source)
Contributor SQL Injection in nicen-localize-image <= 1.4.9 versions.

