CVE-2026-2941 Linksy Search and Replace <= 1.0.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Database Update via linksy_search_and_replace_item_details

The Linksy Search and Replace plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'linksysearchandreplaceitemdetails' function in all versions up to, and including, 1.0.4. This makes it possible for authenticated attackers, with...

CVE-2025-54045

Missing Authorization vulnerability in CreativeMindsSolutions CM On Demand Search And Replace cm-on-demand-search-and-replace allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CM On Demand Search And Replace: from n/a through = 1.5.5...

CVE-2025-54045

CVE-2025-54045 affects the WordPress plugin CM On Demand Search And Replace by CreativeMindsSolutions. The issue is a broken/misconfigured access control that allows an authorization bypass, as described across multiple sources. Affected versions include CM On Demand Search And Replace up to 1.5....

PT-2025-51381

Name of the Vulnerable Software and Affected Versions CreativeMindsSolutions CM On Demand Search And Replace versions through 1.5.4 Description An authorization issue exists in CreativeMindsSolutions CM On Demand Search And Replace, allowing exploitation due to incorrectly configured access contr...

EUVD-2025-24911

Malicious code in bioql PyPI...

CVE-2025-54728

Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM On Demand Search And Replace cm-on-demand-search-and-replace allows Cross Site Request Forgery.This issue affects CM On Demand Search And Replace: from n/a through = 1.5.2...

CVE-2025-54727

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM On Demand Search And Replace cm-on-demand-search-and-replace allows Stored XSS.This issue affects CM On Demand Search And Replace: from n/a through = 1.5.2...

CVE-2025-54727

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM On Demand Search And Replace cm-on-demand-search-and-replace allows Stored XSS.This issue affects CM On Demand Search And Replace: from n/a through = 1.5.2...

CVE-2025-54728

Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM On Demand Search And Replace cm-on-demand-search-and-replace allows Cross Site Request Forgery.This issue affects CM On Demand Search And Replace: from n/a through = 1.5.2...

CVE-2025-54727

CVE-2025-54727 affects CreativeMindsSolutions CM On Demand Search And Replace (plugin) with versions up to 1.5.2. The issue is an stored XSS caused by improper input neutralization during web page generation. Documents specify vulnerable versions (

CVE-2025-54727 WordPress CM On Demand Search And Replace Plugin <= 1.5.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM On Demand Search And Replace allows Stored XSS. This issue affects CM On Demand Search And Replace: from n/a through 1.5.2...

CVE-2025-54728 WordPress CM On Demand Search And Replace Plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM On Demand Search And Replace cm-on-demand-search-and-replace allows Cross Site Request Forgery.This issue affects CM On Demand Search And Replace: from n/a through = 1.5.2...

CVE-2025-54728

CVE-2025-54728 describes a Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace for WordPress, affecting versions up to 1.5.2. The issue enables CSRF by tricking authenticated users into performing unintended actions. The CVSS 3.1 base score is...

CVE-2025-54728 WordPress CM On Demand Search And Replace Plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in CreativeMindsSolutions CM On Demand Search And Replace allows Cross Site Request Forgery. This issue affects CM On Demand Search And Replace: from n/a through 1.5.2...

CVE-2024-38759

Deserialization of Untrusted Data vulnerability in WP MEDIA SAS Search & Replace search-and-replace.This issue affects Search & Replace: from n/a through 3.2.2...

WordPress CM WordPress Search And Replace plugin <= 1.4.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin CM On Demand Search And Replace versions = 1.4.5...

WordPress CM On Demand Search And Replace Plugin <= 1.4.2 is vulnerable to Cross Site Scripting (XSS)

Software CM On Demand Search And Replace Type Plugin Vulnerable versions = 1.4.2 Fixed in 1.4.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11202 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID cf0ce3925274 Credits...

CVE-2024-38759

Deserialization of Untrusted Data vulnerability in WP MEDIA SAS Search & Replace search-and-replace.This issue affects Search & Replace: from n/a through 3.2.2...

WordPress CM WordPress Search And Replace Plugin plugin < 1.3.9 - Plugin Reset via CSRF vulnerability

Plugin Reset via CSRF vulnerability discovered by Felipe Caon in WordPress Plugin CM On Demand Search And Replace versions 1.3.9...

WordPress CM On Demand Search And Replace Plugin < 1.3.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software CM On Demand Search And Replace Type Plugin Vulnerable versions 1.3.9 Fixed in 1.3.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-5028 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 576a4082c0ff Credits Felipe...