cleantalk
Vulnerabilities and Security Researches

CM WordPress FAQ Plugin – Accordion FAQ Solution, CVE-2025-24758

CVE, Research URL

CVE-2025-24758

Home page URL

Security reports for CM WordPress FAQ Plugin – Accordion FAQ Solution

Application

CM WordPress FAQ Plugin – Accordion FAQ Solution

Published on
Mar 03, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Map Locations allows Reflected XSS. This issue affects CM Map Locations: from n/a through 2.0.8.
Affected versions
Min -, max 1.2.1.
Status
vulnerable
Previous vulnerability researches
CM Header & Footer Script Loader – Insert Script Plugin (CVE-2025-24758) , Feb 19, 2025
CM Header & Footer Script Loader – Insert Script Plugin (CVE-2024-11202) , Nov 26, 2024
CM Header & Footer Script Loader – Insert Script Plugin (CVE-2025-31091) , Apr 05, 2025
New vulnerability
WooCommerce Products without featured images (CVE-2025-32545) , Apr 18, 2025
ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks (CVE-2025-39571) , Apr 18, 2025
Travelfic Toolkit (CVE-2025-39585) , Apr 18, 2025
Scriptless Social Sharing (CVE-2025-39529) , Apr 18, 2025
Responsive Blocks – WordPress Gutenberg Blocks (CVE-2025-39578) , Apr 18, 2025