2 matches found
CVE-2024-43149 WordPress CM Tooltip Glossary Plugin <= 4.3.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Tooltip Glossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through 4.3.7...
CVE-2024-4086
The CM Tooltip Glossary – Powerful Glossary Plugin for WordPress (CM Tooltip Glossary) CVE-2024-4086; affected versions up to 4.2.11. Description: Cross-Site Request Forgery due to missing/incorrect nonce validation when saving settings, enabling unauthenticated attackers to change or reset plugi...