Cm Tooltip Glossary
Approved changes feed: RSS · Atom
cpe:2.3:a:creativemindssolutions:cm_tooltip_glossary:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Creativemindssolutions (f7222e7b-b519-5ad4-b066-3dcd3dd3d11b) |
|---|---|
| Product | Cm Tooltip Glossary (f1cc9cf7-9e4c-58ee-9347-49c1b8adda89) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-4086 |
vulnerable | 2026-06-03 14:57:14.700011 |
CM Tooltip Glossary – Powerful Glossary Plugin <= 4.2.11 - Cross-Site Request Forgery
MEDIUM (4.3)
The CM Tooltip Glossary – Powerful Glossary Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.11. This is due to missing or incorrect nonce validation when saving settings. This makes it possible for unauthenticated attackers to change the plugin's settings or reset them via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Published: 2024-05-02T16:52:51.436Z
Updated: 2026-04-08T17:32:59.143Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-48041 |
vulnerable | 2026-06-03 14:57:02.834073 |
WordPress CM Tooltip Glossary plugin <= 4.3.9 - Stored Cross-Site Scripting vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Tooltip Glossary enhanced-tooltipglossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through <= 4.3.9.
Published: 2024-10-11T18:27:15.935Z
Updated: 2026-04-28T16:10:22.358Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-43149 |
vulnerable | 2026-06-03 14:56:44.595075 |
WordPress CM Tooltip Glossary Plugin <= 4.3.7 - Cross Site Scripting (XSS) vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Tooltip Glossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through 4.3.7.
Published: 2024-08-12T22:13:29.806Z
Updated: 2026-04-28T16:10:09.203Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11202 |
vulnerable | 2026-06-03 14:54:13.654974 |
Multiple Plugins <= (Various Versions) - Reflected Cross-Site Scripting via cminds_free_guide Shortcode
MEDIUM (6.1)
Multiple plugins for WordPress are vulnerable to Reflected Cross-Site Scripting via the cminds_free_guide shortcode in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Published: 2024-11-26T07:31:31.790Z
Updated: 2026-04-08T17:27:35.857Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.