← Back

Cm Tooltip Glossary

cm_tooltip_glossary

Vendor: Cminds • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-5026
1Cminds
1Cm Tooltip Glossary
Jun 10, 2025
May 15, 2025
N/A· v4
4.8 MEDIUM· v3
N/A· v2
The CM Tooltip Glossary WordPress plugin before 4.3.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the u...Show more
The CM Tooltip Glossary WordPress plugin before 4.3.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)Show less