cleantalk
Vulnerabilities and Security Researches

CM WordPress Search And Replace Plugin, CVE-2025-54728

CVE, Research URL

CVE-2025-54728

Home page URL

Security reports for CM WordPress Search And Replace Plugin

Application

CM WordPress Search And Replace Plugin

Published on
Aug 15, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace allows Cross Site Request Forgery. This issue affects CM On Demand Search And Replace: from n/a through 1.5.2.
Affected versions
Min -, max 1.5.3.
Status
vulnerable
Previous vulnerability researches
WP Table Builder – WordPress Table Plugin (CVE-2025-49286) , Jun 14, 2025
WP Table Builder – WordPress Table Plugin (CVE-2025-32598) , Apr 12, 2025
WP Table Builder – WordPress Table Plugin (CVE-2024-3282) , Aug 25, 2024
WP Table Builder – WordPress Table Plugin (CVE-2024-43125) , Aug 11, 2024
WP Table Builder – WordPress Table Plugin (1ce82cedaf0f4fa2befb03531d4f716b2db4b794) , Jun 07, 2024
New vulnerability
WP Statistics (CVE-2025-55716) , Aug 16, 2025
Google Reviews WordPress Plugin (Widget to add and display reviews) (CVE-2025-54730) , Aug 16, 2025
Billplz Addon for Contact Form 7 (CVE-2025-31007) , Aug 16, 2025
Time Sheets (CVE-2025-49054) , Aug 16, 2025
The Plus Blocks for Block Editor | Gutenberg (CVE-2025-54739) , Aug 16, 2025