Lucene search
K

74 matches found

Cvelist
Cvelist
added 2025/04/01 5:31 a.m.15 views

CVE-2025-30910 WordPress CM Download Manager plugin <= 2.9.6 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in CreativeMindsSolutions CM Download Manager cm-download-manager allows Path Traversal.This issue affects CM Download Manager: from n/a through = 2.9.6...

8.6CVSS0.00584EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/01 5:31 a.m.7 views

CVE-2025-30910 WordPress CM Download Manager plugin <= 2.9.6 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in CreativeMindsSolutions CM Download Manager cm-download-manager allows Path Traversal.This issue affects CM Download Manager: from n/a through = 2.9.6...

8.6CVSS7.3AI score0.00584EPSS
Exploits0References1
CVE
CVE
added 2025/04/01 5:31 a.m.52 views

CVE-2025-30910

CM Download Manager (WordPress plugin)

8.6CVSS7.2AI score0.00584EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/05 1:49 p.m.20 views

CVE-2025-24694

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Pop-Up banners cm-pop-up-banners allows Reflected XSS.This issue affects CM Pop-Up banners: from n/a through = 1.7.6...

7.1CVSS7.2AI score0.00363EPSS
Exploits0References1
NVD
NVD
added 2025/03/03 2:15 p.m.11 views

CVE-2025-24694

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Pop-Up banners cm-pop-up-banners allows Reflected XSS.This issue affects CM Pop-Up banners: from n/a through = 1.7.6...

7.1CVSS0.00363EPSS
Exploits0References1
NVD
NVD
added 2025/03/03 2:15 p.m.28 views

CVE-2025-24758

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Map Locations cm-map-locations allows Reflected XSS.This issue affects CM Map Locations: from n/a through = 2.0.8...

7.1CVSS0.00363EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/03 1:30 p.m.19 views

CVE-2025-24694 WordPress Name: CM E-Mail Registration Blacklist plugin <= 1.5.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Email Registration Blacklist and Whitelist allows Reflected XSS. This issue affects CM Email Registration Blacklist and Whitelist: from n/a through 1.5.5...

7.1CVSS7.1AI score0.00363EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/03 1:30 p.m.16 views

CVE-2025-24694 WordPress CM Pop-Up Banners plugin <= 1.7.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Pop-Up banners cm-pop-up-banners allows Reflected XSS.This issue affects CM Pop-Up banners: from n/a through = 1.7.6...

7.1CVSS0.00363EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/03 1:30 p.m.3 views

CVE-2025-24758 WordPress CM Map Locations plugin <= 2.0.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Map Locations allows Reflected XSS. This issue affects CM Map Locations: from n/a through 2.0.8...

7.1CVSS7AI score0.00363EPSS
Exploits0References1
CVE
CVE
added 2025/03/03 1:30 p.m.53 views

CVE-2025-24694

CVE-2025-24694: Reflected XSS in CM E‑Mail Blacklist plugin for WordPress (CM E‑Mail Registration Blacklist and Whitelist) up to version 1.5.5. Public descriptions confirm improper input neutralization during web page generation as the root cause. Affected software is the CM E‑Mail Blacklist plug...

7.1CVSS7.2AI score0.00363EPSS
Exploits0References1
CVE
CVE
added 2024/12/13 2:24 p.m.40 views

CVE-2024-54267

CVE-2024-54267 involves CM Answers (CreativeMindsSolutions) for WordPress. The CM Answers plugin has a Missing Authorization vulnerability that can be exploited due to incorrectly configured access control levels, affecting CM Answers versions up to 3.2.6 (inclusive of n/a). The CVSS 3.1 score is...

4.3CVSS7.2AI score0.00421EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/13 2:24 p.m.17 views

CVE-2024-54267 WordPress CM Answers plugin <= 3.2.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in CreativeMindsSolutions CM Answers cm-answers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CM Answers: from n/a through = 3.2.6...

4.3CVSS0.00421EPSS
Exploits0References1
NVD
NVD
added 2024/10/11 7:15 p.m.23 views

CVE-2024-48041

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Tooltip Glossary enhanced-tooltipglossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through = 4.3.9...

6.5CVSS0.00262EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/11 6:27 p.m.13 views

CVE-2024-48041 WordPress CM Tooltip Glossary plugin <= 4.3.9 - Stored Cross-Site Scripting vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Tooltip Glossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through 4.3.9...

6.5CVSS6.8AI score0.00262EPSS
Exploits0References1
CVE
CVE
added 2024/10/11 6:27 p.m.59 views

CVE-2024-48041

CVE-2024-48041 describes a stored XSS in the CM Tooltip Glossary WordPress plugin. The issue arises from improper neutralization of input during web page generation, allowing stored cross‑site scripting. Affected versions are CM Tooltip Glossary up to 4.3.9 ; the vulnerability is fixed in version...

6.5CVSS5.9AI score0.00262EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/12 10:13 p.m.19 views

CVE-2024-43149 WordPress CM Tooltip Glossary Plugin <= 4.3.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Tooltip Glossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through 4.3.7...

6.5CVSS6.8AI score0.00245EPSS
Exploits0References1
CVE
CVE
added 2024/08/12 10:13 p.m.49 views

CVE-2024-43149

CM Tooltip Glossary (WordPress plugin) is affected by CVE-2024-43149 (Stored XSS). The vulnerability is authenticated and arises from improper input neutralization during web page generation, affecting versions up to 4.3.7. Patch: upgrade to 4.3.7 or newer (the fix is included in 4.3.7).

6.5CVSS6.4AI score0.00245EPSS
Exploits0References1
Prion
Prion
added 2023/12/20 5:15 p.m.25 views

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CreativeMindsSolutions CM Popup Plugin for WordPress.This issue affects CM Popup Plugin for WordPress: from n/a through 1.5.10...

5.5CVSS7.9AI score0.00625EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/20 5:6 p.m.28 views

CVE-2023-30750 WordPress CM Pop-Up banners Plugin <= 1.5.10 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CreativeMindsSolutions CM Popup Plugin for WordPress.This issue affects CM Popup Plugin for WordPress: from n/a through 1.5.10...

8.5CVSS9AI score0.00625EPSS
Exploits0References1
CVE
CVE
added 2023/12/20 5:6 p.m.69 views

CVE-2023-30750

CM Pop-Up banners for WordPress (CM Popup Plugin)

8.5CVSS8.6AI score0.00625EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder