CM WordPress Search And Replace Plugin, CVE-2025-54727

CVE, Research URL: CVE-2025-54727
Home page URL: Security reports for CM WordPress Search And Replace Plugin
Application: CM WordPress Search And Replace Plugin
Published on: Aug 15, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM On Demand Search And Replace cm-on-demand-search-and-replace allows Stored XSS.This issue affects CM On Demand Search And Replace: from n/a through <= 1.5.2.
Affected versions: max 1.5.3.
Status: vulnerable