Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Cminds Subscribe
Filtered by product Cm Search And Replace
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-28749 1 Cminds 1 Cm Search And Replace 2026-01-23 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin <= 1.3.0 versions.
CVE-2023-31228 1 Cminds 1 Cm Search And Replace 2026-01-23 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin <= 1.3.0 versions.
CVE-2024-5028 1 Cminds 1 Cm Search And Replace 2025-05-13 N/A 6.5 MEDIUM
The CM WordPress Search And Replace Plugin WordPress plugin before 1.3.9 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks