本ページは cminds cm_search_and_replace に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2024-5028 | The CM WordPress Search And Replace Plugin WordPress plugin before 1.3.9 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks | [email protected] | 6.5 | 0.16% | 2024-07-13 | 2025-05-13 |
| CVE-2023-28749 | Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin <= 1.3.0 versions. | [email protected] | 4.3 | 0.17% | 2023-11-22 | 2026-01-23 |
| CVE-2023-31228 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin <= 1.3.0 versions. | [email protected] | 5.9 | 0.06% | 2023-08-18 | 2026-01-23 |