Known Vulnerabilities for products from Cminds
Listed below are 13 of the newest known vulnerabilities associated with the vendor "Cminds".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-46246 | Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM Answers cm-answers allows Cross Site Request For... | Not Provided | 2025-04-22 | 2026-04-01 |
| CVE-2025-46245 | Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM Ad Changer cm-ad-changer allows Cross Site Reque... | Not Provided | 2025-04-22 | 2026-04-01 |
| CVE-2023-31228 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plug... | 4.8 - MEDIUM | 2023-08-18 | 2023-08-23 |
| CVE-2023-30750 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.1 - HIGH | 2023-12-20 | 2023-12-26 |
| CVE-2023-28749 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-11-22 | 2023-11-27 |
| CVE-2023-25992 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CreativeMindsSolutions CM Answers plugin <= 3.1.9 versions. | 4.8 - MEDIUM | 2023-03-23 | 2023-11-07 |
| CVE-2022-3076 | The CM Download Manager WordPress plugin before 2.8.6 allows high privilege users such as admin to upload arbitrary files by ... | 7.2 - HIGH | 2022-09-26 | 2022-09-27 |
| CVE-2021-24678 | The CM Tooltip Glossary WordPress plugin before 3.9.21 does not escape some glossary_tooltip shortcode attributes, which coul... | 5.4 - MEDIUM | 2021-10-04 | 2021-10-18 |
| CVE-2020-27344 | The cm-download-manager plugin before 2.8.0 for WordPress allows XSS. | 6.1 - MEDIUM | 2020-10-21 | 2020-10-23 |
| CVE-2020-24146 | Directory traversal in the CM Download Manager (aka cm-download-manager) plugin 2.7.0 for WordPress allows authorized users t... | 8.1 - HIGH | 2021-07-07 | 2021-07-12 |
| CVE-2020-24145 | Cross Site Scripting (XSS) vulnerability in the CM Download Manager (aka cm-download-manager) plugin 2.7.0 for WordPress allo... | 6.1 - MEDIUM | 2021-07-07 | 2021-07-09 |
| CVE-2016-1000132 | Reflected XSS in wordpress plugin enhanced-tooltipglossary v3.2.8 | 6.1 - MEDIUM | 2016-10-10 | 2021-10-12 |
| CVE-2014-9129 | Cross-site request forgery (CSRF) vulnerability in the CreativeMinds CM Downloads Manager plugin before 2.0.7 for WordPress a... | 6.8 - MEDIUM | 2014-12-05 | 2023-02-02 |
Known software with vulnerabilities from Cminds
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Cminds | Cm Download Manager | 2.7.0 |
| Application | Cminds | Enhanced-tooltipglossary | 3.2.8 |