This page lists publicly disclosed CVE vulnerabilities affecting cminds cm_search_and_replace (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-5028 | The CM WordPress Search And Replace Plugin WordPress plugin before 1.3.9 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks | [email protected] | 6.5 | 0.16% | 2024-07-13 | 2025-05-13 |
| CVE-2023-28749 | Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin <= 1.3.0 versions. | [email protected] | 4.3 | 0.26% | 2023-11-22 | 2026-01-23 |
| CVE-2023-31228 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin <= 1.3.0 versions. | [email protected] | 5.9 | 0.37% | 2023-08-18 | 2026-01-23 |