VYPR

Tooltip Glossary

by Cminds

CVEs (4)

  • CVE-2024-48041MedOct 11, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Tooltip Glossary enhanced-tooltipglossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through <= 4.3.9.

  • CVE-2024-43149MedAug 12, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Tooltip Glossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through 4.3.7.

  • CVE-2016-1000132MedOct 10, 2016
    risk 0.40cvss 6.1epss 0.04

    Reflected XSS in wordpress plugin enhanced-tooltipglossary v3.2.8

  • CVE-2024-5026May 15, 2025
    risk 0.00cvss epss 0.00

    The CM Tooltip Glossary WordPress plugin before 4.3.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in…