← Back

Cm Table Of Contents

cm_table_of_contents

Vendor: Cminds • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-5029
1Cminds
1Cm Table Of Contents
May 15, 2025
Nov 21, 2024
N/A· v4
4.8 MEDIUM· v3
N/A· v2
The CM Table Of Contents WordPress plugin before 1.2.4 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored...Show more
The CM Table Of Contents WordPress plugin before 1.2.4 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.Show less
CVE-2024-5030
1Cminds
1Cm Table Of Contents
May 15, 2025
Nov 18, 2024
N/A· v4
3.8 LOW· v3
N/A· v2
The CM Table Of Contents WordPress plugin before 1.2.3 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin perform such action via a CSRF attack