CVE-2025-54727 WordPress CM On Demand Search And Replace Plugin <= 1.5.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM On Demand Search And Replace allows Stored XSS. This issue affects CM On Demand Search And Replace: from n/a through 1.5.2...

CVE-2025-54727 WordPress CM On Demand Search And Replace Plugin <= 1.5.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM On Demand Search And Replace cm-on-demand-search-and-replace allows Stored XSS.This issue affects CM On Demand Search And Replace: from n/a through = 1.5.2...

CVE-2025-54727

CVE-2025-54727 affects CreativeMindsSolutions CM On Demand Search And Replace (plugin) with versions up to 1.5.2. The issue is an stored XSS caused by improper input neutralization during web page generation. Documents specify vulnerable versions (

CVE-2025-54728 WordPress CM On Demand Search And Replace Plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM On Demand Search And Replace cm-on-demand-search-and-replace allows Cross Site Request Forgery.This issue affects CM On Demand Search And Replace: from n/a through = 1.5.2...

CVE-2025-54728

CVE-2025-54728 describes a Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace for WordPress, affecting versions up to 1.5.2. The issue enables CSRF by tricking authenticated users into performing unintended actions. The CVSS 3.1 base score is...

CVE-2025-54728 WordPress CM On Demand Search And Replace Plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM On Demand Search And Replace allows Cross Site Request Forgery. This issue affects CM On Demand Search And Replace: from n/a through 1.5.2...

WordPress CM On Demand Search And Replace Plugin <= 1.5.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Bao BlueRock in WordPress Plugin CM On Demand Search And Replace versions = 1.5.2...

WordPress CM On Demand Search And Replace Plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Bao BlueRock in WordPress Plugin CM On Demand Search And Replace versions = 1.5.2...

PT-2025-33385 · Creativemindssolutions · Cm On Demand Search/Replace

Name of the Vulnerable Software and Affected Versions: CreativeMindsSolutions CM On Demand Search And Replace versions through 1.5.2 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting XSS...

Linux Distros Unpatched Vulnerability : CVE-2021-41801

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run,...

Malicious code in redux-replace-rce (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis eb28c0e340d0d3220c0b6c87681ecdb8ff015040d97ed20852a5fabf651f503d The OpenSSF Package Analysis project identified 'redux-replace-rce' @...

Cross-site Scripting (XSS)

Overview roundup is a simple-to-use and -install issue-tracking system with command-line, web and e-mail interfaces. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the interaction between URLs and issue tracker templates. An attacker can execute arbitrary scripts...

Flatboard Pro 跨站脚本漏洞

Flatboard Pro is an open source forum system by Flatboard. A cross-site scripting vulnerability exists in Flatboard Pro versions prior to 3.2.2, which stems from insufficient validation of the replace parameter input in config.php, and could lead to a stored cross-site scripting attack...

WordPress CM On Demand Search And Replace plugin <= 1.5.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika in WordPress Plugin CM On Demand Search And Replace versions = 1.5.5...

CVE-2025-53285

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in The Website Flip Add & Replace Affiliate Links for Amazon add-replace-affiliate-links-for-amazon allows Stored XSS.This issue affects Add & Replace Affiliate Links for Amazon: from n/a through =...

CVE-2025-53285

CVE-2025-53285 concerns the WordPress plugin Add & Replace Affiliate Links for Amazon. The supplied documents confirm a stored Cross‑Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation, affecting versions up to 1.0.6. The CVSS details (AV:N/AC:L/P...

CVE-2025-53285 WordPress Add & Replace Affiliate Links for Amazon plugin <= 1.0.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in The Website Flip Add & Replace Affiliate Links for Amazon add-replace-affiliate-links-for-amazon allows Stored XSS.This issue affects Add & Replace Affiliate Links for Amazon: from n/a through =...

CVE-2025-6559

Multiple wireless router models from Sapido have an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. The affected models are out of support; replacing the device is recommended...

CVE-2025-49972

Cross-Site Request Forgery CSRF vulnerability in David Wood TM Replace Howdy tm-replace-howdy allows Cross Site Request Forgery.This issue affects TM Replace Howdy: from n/a through = 1.4.2...

CVE-2025-49972

Cross-Site Request Forgery CSRF vulnerability in David Wood TM Replace Howdy tm-replace-howdy allows Cross Site Request Forgery.This issue affects TM Replace Howdy: from n/a through = 1.4.2...