cleantalk
Vulnerabilities and Security Researches

CM WordPress FAQ Plugin – Accordion FAQ Solution, CVE-2025-24758

CVE, Research URL

CVE-2025-24758

Home page URL

Security reports for CM WordPress FAQ Plugin – Accordion FAQ Solution

Application

CM WordPress FAQ Plugin – Accordion FAQ Solution

Published on
Mar 03, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Map Locations allows Reflected XSS. This issue affects CM Map Locations: from n/a through 2.0.8.
Affected versions
Min -, max 1.2.1.
Status
vulnerable
Previous vulnerability researches
CM Ad Changer – Ad Manager and Ad Server (CVE-2025-46245) , Apr 24, 2025
CM Ad Changer – Ad Manager and Ad Server (CVE-2025-24758) , Feb 19, 2025
CM Ad Changer – Ad Manager and Ad Server (eb01fee8297a4a9b954f478959dbdb7e8b8899cf) , Jun 07, 2024
New vulnerability
Flynax Bridge (CVE-2025-3604) , Apr 25, 2025
Simple Custom CSS and JS , Apr 25, 2025
Verification SMS with TargetSMS (CVE-2025-3776) , Apr 25, 2025
SKT Blocks – Gutenberg based Page Builder (CVE-2025-46235) , Apr 24, 2025
Message Filter for Contact Form 7 (CVE-2025-46252) , Apr 24, 2025