CM WordPress Search And Replace Plugin, CVE-2025-54727

CVE, Research URL: CVE-2025-54727
Home page URL: Security reports for CM WordPress Search And Replace Plugin
Application: CM WordPress Search And Replace Plugin
Published on: Aug 15, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM On Demand Search And Replace allows Stored XSS. This issue affects CM On Demand Search And Replace: from n/a through 1.5.2.
Affected versions: Min -, max 1.5.3.
Status: vulnerable