Vulnerabilities in creativemindssolutions
29 resultsCVE-2023-30750HIGHWordPress CM Pop-Up banners Plugin <= 1.5.10 is vulnerable to SQL InjectionEPSS 0.6%CVE-2024-11202MEDIUMMultiple Plugins <= (Various Versions) - Reflected Cross-Site Scripting via cminds_free_guide ShortcodeEPSS 0.6%CVE-2025-30910HIGHWordPress CM Download Manager plugin <= 2.9.6 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2024-54267MEDIUMWordPress CM Answers plugin <= 3.2.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-31228MEDIUMWordPress CM On Demand Search And Replace Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2023-25992MEDIUMWordPress CM Answers Plugin <= 3.1.9 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2025-24694HIGHWordPress CM Pop-Up Banners plugin <= 1.7.6 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2025-24758HIGHWordPress CM Map Locations plugin <= 2.0.8 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2025-2166MEDIUMCM FAQ – Simplify support with an intuitive FAQ management tool <= 1.2.5 - Reflected Cross-Site ScriptingEPSS 0.3%CVE-2025-32210MEDIUMWordPress CM Registration and Invitation Codes plugin <= 2.5.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-48041MEDIUMWordPress CM Tooltip Glossary plugin <= 4.3.9 - Stored Cross-Site Scripting vulnerabilityEPSS 0.3%CVE-2023-28749MEDIUMWordPress CM On Demand Search And Replace Plugin <= 1.3.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2026-0691MEDIUMCM E-Mail Blacklist <= 1.6.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'black_email' ParameterEPSS 0.3%CVE-2024-4086MEDIUMCM Tooltip Glossary – Powerful Glossary Plugin <= 4.2.11 - Cross-Site Request ForgeryEPSS 0.3%CVE-2024-43149MEDIUMWordPress CM Tooltip Glossary Plugin <= 4.3.7 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2026-2432MEDIUMCM Custom Reports <= 1.2.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin LabelsEPSS 0.2%CVE-2025-31091MEDIUMWordPress CM Header and Footer plugin <= 1.2.4 - Cross Site Scripting (XSS) VulnerabilityEPSS 0.2%CVE-2026-25004MEDIUMWordPress CM Business Directory plugin <= 1.5.3 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2026-2431MEDIUMCM Custom Reports <= 1.2.7 - Reflected Cross-Site Scripting via 'date_from' and 'date_to' ParametersEPSS 0.2%CVE-2025-10178MEDIUMCM Business Directory <= 1.5.2 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%