Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CreativeMindsSolutions — Vulnerabilities & Security Advisories 28

Browse all 28 CVE security advisories affecting CreativeMindsSolutions. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by CreativeMindsSolutions:CM On Demand Search And ReplaceCM AnswersCM Tooltip GlossaryCM Custom Reports – Flexible reporting to track what matters mostCM Map LocationsCM Pop-Up bannersCM Header and Footer – Add custom scripts and styles to your header and footer with easeCM FAQ – Simplify support with an intuitive FAQ management toolCM Download ManagerCM Header and FooterCM Registration and Invitation CodesCM Ad ChangerCM Business Directory – Optimise and showcase local businessCM Registration – Tailored tool for seamless login and invitation-based registrationsCM E-Mail Blacklist – Simple email filtering for safer registrationCM Business DirectoryCM Popup Plugin for WordPress
CVE IDTitleCVSSSeverityPublished
CVE-2026-2432 CM Custom Reports <= 1.2.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Labels — CM Custom Reports – Flexible reporting to track what matters mostCWE-79 4.4 Medium2026-03-20
CVE-2026-2431 CM Custom Reports <= 1.2.7 - Reflected Cross-Site Scripting via 'date_from' and 'date_to' Parameters — CM Custom Reports – Flexible reporting to track what matters mostCWE-79 6.1 Medium2026-03-07
CVE-2026-25004 WordPress CM Business Directory plugin <= 1.5.3 - Cross Site Scripting (XSS) vulnerability — CM Business DirectoryCWE-79 5.9 Medium2026-02-19
CVE-2026-0691 CM E-Mail Blacklist <= 1.6.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'black_email' Parameter — CM E-Mail Blacklist – Simple email filtering for safer registrationCWE-79 4.4 Medium2026-01-17
CVE-2025-54045 WordPress CM On Demand Search And Replace plugin <= 1.5.5 - Broken Access Control vulnerability — CM On Demand Search And ReplaceCWE-862 4.3 Medium2025-12-16
CVE-2025-11167 CM Registration – Tailored tool for seamless login and invitation-based registrations <= 2.5.6 - Open Redirect — CM Registration – Tailored tool for seamless login and invitation-based registrationsCWE-601 4.7 Medium2025-10-11
CVE-2025-10178 CM Business Directory <= 1.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — CM Business Directory – Optimise and showcase local businessCWE-79 6.4 Medium2025-09-26
CVE-2025-48151 WordPress CM Map Locations <= 2.1.6 - Cross Site Scripting (XSS) Vulnerability — CM Map LocationsCWE-79 7.1 High2025-08-20
CVE-2025-54727 WordPress CM On Demand Search And Replace Plugin <= 1.5.2 - Cross Site Scripting (XSS) Vulnerability — CM On Demand Search And ReplaceCWE-79 5.9 Medium2025-08-14
CVE-2025-54728 WordPress CM On Demand Search And Replace Plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) Vulnerability — CM On Demand Search And ReplaceCWE-352 4.3 Medium2025-08-14
CVE-2025-54018 WordPress CM Pop-Up banners plugin <= 1.8.4 - Broken Access Control Vulnerability — CM Pop-Up bannersCWE-862 4.3 Medium2025-07-16
CVE-2025-46245 WordPress CM Ad Changer plugin <= 2.0.5 - Cross Site Request Forgery (CSRF) Vulnerability — CM Ad ChangerCWE-352 4.3 Medium2025-04-22
CVE-2025-46246 WordPress CM Answers plugin <= 3.3.3 - Cross Site Request Forgery (CSRF) Vulnerability — CM AnswersCWE-352 4.3 Medium2025-04-22
CVE-2025-32210 WordPress CM Registration and Invitation Codes plugin <= 2.5.6 - Broken Access Control vulnerability — CM Registration and Invitation CodesCWE-862 6.5 Medium2025-04-10
CVE-2025-31091 WordPress CM Header and Footer plugin <= 1.2.4 - Cross Site Scripting (XSS) Vulnerability — CM Header and FooterCWE-79 6.5 Medium2025-04-03
CVE-2025-30910 WordPress CM Download Manager plugin <= 2.9.6 - Arbitrary File Deletion vulnerability — CM Download ManagerCWE-22 8.6 High2025-04-01
CVE-2025-2166 CM FAQ – Simplify support with an intuitive FAQ management tool <= 1.2.5 - Reflected Cross-Site Scripting — CM FAQ – Simplify support with an intuitive FAQ management toolCWE-79 6.1 Medium2025-03-14
CVE-2025-24758 WordPress CM Map Locations plugin <= 2.0.8 - Reflected Cross Site Scripting (XSS) vulnerability — CM Map LocationsCWE-79 7.1 High2025-03-03
CVE-2025-24694 WordPress CM Pop-Up Banners plugin <= 1.7.6 - Reflected Cross Site Scripting (XSS) vulnerability — CM Pop-Up bannersCWE-79 7.1 High2025-03-03
CVE-2024-54267 WordPress CM Answers plugin <= 3.2.6 - Broken Access Control vulnerability — CM AnswersCWE-862 4.3 Medium2024-12-13
CVE-2024-11202 Multiple Plugins <= (Various Versions) - Reflected Cross-Site Scripting via cminds_free_guide Shortcode — CM Header and Footer – Add custom scripts and styles to your header and footer with easeCWE-79 6.1 Medium2024-11-26
CVE-2024-48041 WordPress CM Tooltip Glossary plugin <= 4.3.9 - Stored Cross-Site Scripting vulnerability — CM Tooltip GlossaryCWE-79 6.5 Medium2024-10-11
CVE-2024-43149 WordPress CM Tooltip Glossary Plugin <= 4.3.7 - Cross Site Scripting (XSS) vulnerability — CM Tooltip GlossaryCWE-79 6.5 Medium2024-08-12
CVE-2024-4086 CM Tooltip Glossary – Powerful Glossary Plugin <= 4.2.11 - Cross-Site Request Forgery — CM Tooltip GlossaryCWE-352 4.3 Medium2024-05-02
CVE-2023-30750 WordPress CM Pop-Up banners Plugin <= 1.5.10 is vulnerable to SQL Injection — CM Popup Plugin for WordPressCWE-89 8.5 High2023-12-20
CVE-2023-28749 WordPress CM On Demand Search And Replace Plugin <= 1.3.0 is vulnerable to Cross Site Request Forgery (CSRF) — CM On Demand Search And ReplaceCWE-352 4.3 Medium2023-11-22
CVE-2023-31228 WordPress CM On Demand Search And Replace Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS) — CM On Demand Search And ReplaceCWE-79 5.9 Medium2023-08-18
CVE-2023-25992 WordPress CM Answers Plugin <= 3.1.9 is vulnerable to Cross Site Scripting (XSS) — CM AnswersCWE-79 5.9 Medium2023-03-23

This page lists every published CVE security advisory associated with CreativeMindsSolutions. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.