CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Tooltip Glossary enhanced-tooltipglossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through = 4.3.9...

6.5CVSS5.9AI score0.00321EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:3 p.m.•2 views

CVE-2021-24678

The CM Tooltip Glossary WordPress plugin before 3.9.21 does not escape some glossarytooltip shortcode attributes, which could allow users a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.5AI score0.0018EPSS

Exploits2References1

OSV•added 2025/05/15 8:15 p.m.•2 views

CVE-2024-5026

The CM Tooltip Glossary WordPress plugin before 4.3.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00166EPSS

Exploits1References1

Vulnrichment•added 2025/05/15 8:7 p.m.•7 views

CVE-2024-5026 CM Tooltip Glossary < 4.3.4 - Admin+ Stored XSS

5AI score0.00166EPSS

Exploits1References1

Cvelist•added 2025/05/15 8:7 p.m.•10 views

CVE-2024-5026 CM Tooltip Glossary < 4.3.4 - Admin+ Stored XSS

0.00166EPSS

Exploits1References1

Positive Technologies•added 2025/05/15 12:0 a.m.•4 views

PT-2025-21477 · WordPress · Cm Tooltip Glossary

Name of the Vulnerable Software and Affected Versions: CM Tooltip Glossary WordPress plugin version prior to 4.3.4 Description: The issue concerns the CM Tooltip Glossary WordPress plugin, which does not properly sanitize and escape some of its settings. This could allow high-privilege users, suc...

4.8CVSS4.8AI score0.00166EPSS

Exploits1References4

Patchstack•added 2025/02/03 4:18 p.m.•3 views

WordPress CM Tooltip Glossary plugin <= 4.4.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin CM Tooltip Glossary versions = 4.4.1...

7.1CVSS6.1AI score0.00232EPSS

Exploits0Affected Software1

Patchstack•added 2025/02/03 3:25 p.m.•3 views

WordPress CM Tooltip Glossary plugin <= 4.3.11 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin CM Tooltip Glossary versions = 4.3.11...

7.1CVSS6.1AI score0.00232EPSS

Exploits0Affected Software1

CNNVD•added 2024/11/26 12:0 a.m.•2 views

WordPress plugin多款产品跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

6.1CVSS7.8AI score0.02206EPSS

Exploits0References16

Patchstack•added 2024/11/25 9:52 p.m.•3 views

WordPress CM Tooltip Glossary plugin <= 4.3.11 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin CM Tooltip Glossary versions = 4.3.11...

6.1CVSS6.3AI score0.02206EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/11/25 12:0 a.m.•12 views

WordPress CM Tooltip Glossary Plugin <= 4.3.11 is vulnerable to Cross Site Scripting (XSS)

Software CM Tooltip Glossary Type Plugin Vulnerable versions = 4.3.11 Fixed in 4.3.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11202 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 43a316167b95 Credits Peter...

6.1CVSS5.9AI score0.02206EPSS

Exploits0References3Affected Software1

NVD•added 2024/10/11 7:15 p.m.•17 views

CVE-2024-48041

6.5CVSS0.00321EPSS

Exploits0References1

Cvelist•added 2024/10/11 6:27 p.m.•28 views

CVE-2024-48041 WordPress CM Tooltip Glossary plugin <= 4.3.9 - Stored Cross-Site Scripting vulnerability

6.5CVSS0.00321EPSS

Exploits0References1

Vulnrichment•added 2024/10/11 6:27 p.m.•9 views

CVE-2024-48041 WordPress CM Tooltip Glossary plugin <= 4.3.9 - Stored Cross-Site Scripting vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Tooltip Glossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through 4.3.9...

6.5CVSS6.8AI score0.00321EPSS

Exploits0References1

Positive Technologies•added 2024/10/11 12:0 a.m.•2 views

PT-2024-32960 · Unknown · Cm Tooltip Glossary

Name of the Vulnerable Software and Affected Versions: CM Tooltip Glossary versions through 4.3.9 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For...

6.5CVSS5.6AI score0.00321EPSS

Exploits0References3

Patchstack•added 2024/10/09 10:33 a.m.•2 views

WordPress CM Tooltip Glossary plugin <= 4.3.9 - Stored Cross-Site Scripting vulnerability

Stored Cross-Site Scripting vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin CM Tooltip Glossary versions = 4.3.9...

6.5CVSS5.8AI score0.00321EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by