GCVE - cpe:2.3:a:cminds:cm_search_and_replace:*:*:*:*:*:wordpress:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:cminds:cm_search_and_replace:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

Vendor	Cminds (`b5402bde-9543-59be-8aae-b9b2097f562f`)
Product	Cm Search And Replace (`10b52773-59f6-51e5-a5ec-57a6e4623e79`)
Edition	*
Language	*
Software edition	*
Target software	wordpress
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-5028`	vulnerable	2026-06-03 14:57:51.539862	CM WordPress Search And Replace Plugin < 1.3.9 - Plugin Reset via CSRF The CM WordPress Search And Replace Plugin WordPress plugin before 1.3.9 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks Published: 2024-07-13T06:00:07.447Z Updated: 2024-08-01T21:03:09.657Z Open on db.gcve.eu Reference links https://wpscan.com/vulnerability/0bae8494-7b01-4203-a4f7-ccc60efbdda7/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-31228`	vulnerable	2026-06-03 14:51:55.089312	WordPress CM On Demand Search And Replace Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS) MEDIUM (5.9) Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin <= 1.3.0 versions. Published: 2023-08-18T12:57:43.899Z Updated: 2026-04-28T16:08:21.212Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/cm-on-demand-search-and-replace/wordpress-cm-on-demand-search-and-replace-plugin-1-3-0-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-28749`	vulnerable	2026-06-03 14:51:37.390643	WordPress CM On Demand Search And Replace Plugin <= 1.3.0 is vulnerable to Cross Site Request Forgery (CSRF) MEDIUM (4.3) Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin <= 1.3.0 versions. Published: 2023-11-22T13:02:55.222Z Updated: 2026-04-28T16:08:16.639Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/cm-on-demand-search-and-replace/wordpress-cm-on-demand-search-and-replace-plugin-1-3-0-cross-site-request-forgery-csrf?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Cm Search And Replace

PURL mappings

Vulnerability references

Contribute