cleantalk
Vulnerabilities and Security Researches

CM WordPress FAQ Plugin – Accordion FAQ Solution, CVE-2025-24758

CVE, Research URL

CVE-2025-24758

Home page URL

Security reports for CM WordPress FAQ Plugin – Accordion FAQ Solution

Application

CM WordPress FAQ Plugin – Accordion FAQ Solution

Published on
Mar 03, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Map Locations cm-map-locations allows Reflected XSS.This issue affects CM Map Locations: from n/a through <= 2.0.8.
Affected versions
max 1.2.1.
Status
vulnerable
Previous vulnerability researches
CM Email Registration Blacklist and Whitelist (CVE-2025-24694) , Jun 13, 2026
CM Email Registration Blacklist and Whitelist (CVE-2024-11202) , Nov 27, 2024
CM Email Registration Blacklist and Whitelist (CVE-2024-5167) , Jun 28, 2024
CM Email Registration Blacklist and Whitelist (CVE-2025-24758) , Feb 19, 2025
CM Email Registration Blacklist and Whitelist (CVE-2026-0691) , Apr 16, 2026
New vulnerability
Canvas (CVE-2026-9629) , Jun 14, 2026
WP Statistics (CVE-2026-48839) , Jun 14, 2026
WP Statistics (CVE-2026-3488) , Jun 14, 2026
WP Statistics (CVE-2026-5231) , Jun 14, 2026
FAQ Manager For Divi, Gutenberg Block &amp; Shortcode (CVE-2023-33999) , Jun 14, 2026