Filtered by vendor Cminds
Subscribe
Search
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-30750 | 1 Cminds | 1 Cm Popup | 2023-12-26 | N/A | 8.1 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CreativeMindsSolutions CM Popup Plugin for WordPress.This issue affects CM Popup Plugin for WordPress: from n/a through 1.5.10. | |||||
| CVE-2023-28749 | 1 Cminds | 1 Cm On Demand Search And Replace | 2023-11-27 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin <= 1.3.0 versions. | |||||
| CVE-2023-31228 | 1 Cminds | 1 Cm On Demand Search And Replace | 2023-08-23 | N/A | 4.8 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin <= 1.3.0 versions. | |||||
| CVE-2021-24678 | 1 Cminds | 1 Tooltip Glossary | 2021-10-18 | 3.5 LOW | 5.4 MEDIUM |
| The CM Tooltip Glossary WordPress plugin before 3.9.21 does not escape some glossary_tooltip shortcode attributes, which could allow users a role as low as Contributor to perform Stored Cross-Site Scripting attacks | |||||
| CVE-2016-1000132 | 1 Cminds | 1 Tooltip Glossary | 2021-10-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| Reflected XSS in wordpress plugin enhanced-tooltipglossary v3.2.8 | |||||
| CVE-2020-24145 | 1 Cminds | 1 Cm Download Manager | 2021-07-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in the CM Download Manager (aka cm-download-manager) plugin 2.7.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via a crafted deletescreenshot action. | |||||
| CVE-2020-27344 | 1 Cminds | 1 Cm Download Manager | 2020-10-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| The cm-download-manager plugin before 2.8.0 for WordPress allows XSS. | |||||