CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Tooltip Glossary enhanced-tooltipglossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through = 4.3.9...

6.5CVSS5.9AI score0.00321EPSS

Exploits0References1

OSV•added 2025/05/15 8:15 p.m.•2 views

CVE-2024-5026

The CM Tooltip Glossary WordPress plugin before 4.3.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00166EPSS

Exploits1References1

Cvelist•added 2025/05/15 8:7 p.m.•10 views

CVE-2024-5026 CM Tooltip Glossary < 4.3.4 - Admin+ Stored XSS

0.00166EPSS

Exploits1References1

Vulnrichment•added 2025/05/15 8:7 p.m.•7 views

CVE-2024-5026 CM Tooltip Glossary < 4.3.4 - Admin+ Stored XSS

5AI score0.00166EPSS

Exploits1References1

Positive Technologies•added 2025/05/15 12:0 a.m.•4 views

PT-2025-21477 · WordPress · Cm Tooltip Glossary

Name of the Vulnerable Software and Affected Versions: CM Tooltip Glossary WordPress plugin version prior to 4.3.4 Description: The issue concerns the CM Tooltip Glossary WordPress plugin, which does not properly sanitize and escape some of its settings. This could allow high-privilege users, suc...

4.8CVSS4.8AI score0.00166EPSS

Exploits1References4

Patchstack•added 2025/02/03 4:18 p.m.•3 views

WordPress CM Tooltip Glossary plugin <= 4.4.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin CM Tooltip Glossary versions = 4.4.1...

7.1CVSS6.1AI score0.00232EPSS

Exploits0Affected Software1

Patchstack•added 2025/02/03 3:25 p.m.•3 views

WordPress CM Tooltip Glossary plugin <= 4.3.11 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin CM Tooltip Glossary versions = 4.3.11...

7.1CVSS6.1AI score0.00232EPSS

Exploits0Affected Software1

CNNVD•added 2024/11/26 12:0 a.m.•2 views

WordPress plugin多款产品跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

6.1CVSS7.8AI score0.02206EPSS

Exploits0References16

Patchstack•added 2024/11/25 12:0 a.m.•13 views

WordPress CM Tooltip Glossary Plugin <= 4.3.11 is vulnerable to Cross Site Scripting (XSS)

Software CM Tooltip Glossary Type Plugin Vulnerable versions = 4.3.11 Fixed in 4.3.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11202 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 43a316167b95 Credits Peter...

6.1CVSS5.9AI score0.02206EPSS

Exploits0References3Affected Software1

NVD•added 2024/10/11 7:15 p.m.•17 views

CVE-2024-48041

6.5CVSS0.00321EPSS

Exploits0References1

Cvelist•added 2024/10/11 6:27 p.m.•28 views

CVE-2024-48041 WordPress CM Tooltip Glossary plugin <= 4.3.9 - Stored Cross-Site Scripting vulnerability

6.5CVSS0.00321EPSS

Exploits0References1

Vulnrichment•added 2024/10/11 6:27 p.m.•9 views

CVE-2024-48041 WordPress CM Tooltip Glossary plugin <= 4.3.9 - Stored Cross-Site Scripting vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Tooltip Glossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through 4.3.9...

6.5CVSS6.8AI score0.00321EPSS

Exploits0References1

NVD•added 2024/08/12 11:15 p.m.•10 views

CVE-2024-43149

6.5CVSS0.00252EPSS

Exploits0References1

ATTACKERKB•added 2024/08/12 11:15 p.m.•1 views

CVE-2024-43149

6.5CVSS5.2AI score0.00252EPSS

Exploits0References2

Vulnrichment•added 2024/08/12 10:13 p.m.•19 views

CVE-2024-43149 WordPress CM Tooltip Glossary Plugin <= 4.3.7 - Cross Site Scripting (XSS) vulnerability

6.5CVSS6.8AI score0.00252EPSS

Exploits0References1

Patchstack•added 2024/08/07 12:0 a.m.•8 views

WordPress CM Tooltip Glossary Plugin <= 4.3.7 is vulnerable to Cross Site Scripting (XSS)

Software CM Tooltip Glossary Type Plugin Vulnerable versions = 4.3.7 Fixed in 4.3.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43149 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 17450d5816aa Credits LVT-tholv2k Required privilege...

6.5CVSS6.6AI score0.00252EPSS

Exploits0References2Affected Software1

CVE•added 2024/05/02 4:52 p.m.•50 views

CVE-2024-4086

The CM Tooltip Glossary – Powerful Glossary Plugin for WordPress (CM Tooltip Glossary) CVE-2024-4086; affected versions up to 4.2.11. Description: Cross-Site Request Forgery due to missing/incorrect nonce validation when saving settings, enabling unauthenticated attackers to change or reset plugi...

4.3CVSS6.3AI score0.00111EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by