42 matches found
EUVD-2024-50959
Malicious code in bioql PyPI...
EUVD-2024-33446
Malicious code in bioql PyPI...
EUVD-2025-24700
Malicious code in bioql PyPI...
EUVD-2025-2996
Malicious code in bioql PyPI...
EUVD-2025-3019
Malicious code in bioql PyPI...
WordPress Plugin Button Block Cross-Site Request Forgery Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in WordPress plugin Button Block 1.2.0 and prior...
CVE-2025-54694
Cross-Site Request Forgery CSRF vulnerability in bPlugins Button Block button-block allows Cross Site Request Forgery.This issue affects Button Block: from n/a through = 1.2.0...
CVE-2025-54694
Cross-Site Request Forgery CSRF vulnerability in bPlugins Button Block button-block allows Cross Site Request Forgery.This issue affects Button Block: from n/a through = 1.2.0...
CVE-2025-54694 WordPress Button Block Plugin plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in bPlugins Button Block allows Cross Site Request Forgery. This issue affects Button Block: from n/a through 1.2.0...
CVE-2025-54694
CVE-2025-54694 describes a Cross-Site Request Forgery in the WordPress plugin Button Block, affecting versions up to 1.2.0. The issue is confirmed in multiple sources and the CVE record shows a patch that updates beyond 1.2.0. Base metrics: CVSS v3.1 vector AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N wit...
CVE-2025-54694 WordPress Button Block Plugin plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in bPlugins Button Block button-block allows Cross Site Request Forgery.This issue affects Button Block: from n/a through = 1.2.0...
WordPress plugin Button Block 跨站请求伪造漏洞
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in WordPress plugin Button Block 1.2.0 and prior...
PT-2025-33246 · WordPress · Bplugins Button Block
Name of the Vulnerable Software and Affected Versions: bPlugins Button Block versions through 1.2.0 Description: This issue involves a Cross-Site Request Forgery CSRF that allows malicious actors to perform actions on behalf of an unsuspecting user. Recommendations: Update bPlugins Button Block t...
CVE-2025-22815
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Button Block button-block allows Stored XSS.This issue affects Button Block: from n/a through = 1.1.9...
CVE-2025-22787
Missing Authorization vulnerability in bPlugins Button Block button-block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Button Block: from n/a through = 1.1.5...
CVE-2024-10671
The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.4 via the btnblock shortcode due to insufficient restrictions on which posts can be included. This makes it possible for...
CVE-2024-12117
The Stackable – Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter of the Button block in all versions up to, and including, 3.13.11 due to insufficient input sanitization and output escaping. This makes it possible for...
PT-2025-1754 · WordPress · Stackable – Page Builder Gutenberg Blocks
Name of the Vulnerable Software and Affected Versions: Stackable – Page Builder Gutenberg Blocks plugin for WordPress versions up to, and including, 3.13.11 Description: The issue is related to Stored Cross-Site Scripting via the title parameter of the Button block due to insufficient input...
CVE-2025-22787
Missing Authorization vulnerability in bPlugins Button Block button-block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Button Block: from n/a through = 1.1.5...
CVE-2025-22787
Missing Authorization vulnerability in bPlugins LLC Button Block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Button Block: from n/a through 1.1.5...