Cm Table Of Contents
Approved changes feed: RSS · Atom
cpe:2.3:a:cminds:cm_table_of_contents:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Cminds (b5402bde-9543-59be-8aae-b9b2097f562f) |
|---|---|
| Product | Cm Table Of Contents (d698f38c-2ac6-5116-9fd2-ed8f0f4b2689) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-5030 |
vulnerable | 2026-06-03 14:57:51.546562 |
CM Table Of Contents – WordPress TOC Plugin < 1.2.3 - Settings Reset via CSRF
The CM Table Of Contents WordPress plugin before 1.2.3 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin perform such action via a CSRF attack
Published: 2024-11-18T06:00:01.043Z
Updated: 2024-11-18T13:57:03.418Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-5029 |
vulnerable | 2026-06-03 14:57:51.544683 |
CM Table Of Contents – WordPress TOC Plugin < 1.2.4 - Stored XSS via CSRF
The CM Table Of Contents WordPress plugin before 1.2.4 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.
Published: 2024-11-21T06:00:07.135Z
Updated: 2024-11-21T21:48:56.832Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.