Lucene search
K

136 matches found

NVD
NVD
added 2026/06/27 6:16 a.m.9 views

CVE-2026-13245

The MaxButtons – Create buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'view' parameter in all versions up to, and including, 9.8.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS0.00211EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/27 5:33 a.m.37 views

CVE-2026-13245 MaxButtons <= 9.8.5 - Reflected Cross-Site Scripting via 'view' Parameter

The MaxButtons – Create buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'view' parameter in all versions up to, and including, 9.8.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS0.00211EPSS
Exploits0References4
CVE
CVE
added 2026/06/27 5:33 a.m.17 views

CVE-2026-13245

The CVE-2026-13245 entry concerns the WordPress plugin MaxButtons – Create buttons, vulnerable to Reflected Cross-Site Scripting via the 'view' parameter in all versions up to 9.8.5. The root cause is insufficient input sanitization and output escaping, enabling unauthenticated attackers to injec...

6.1CVSS5.9AI score0.00211EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/27 5:33 a.m.8 views

EUVD-2026-39944

The MaxButtons – Create buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'view' parameter in all versions up to, and including, 9.8.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS5.9AI score0.00211EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/27 5:33 a.m.9 views

CVE-2026-13245

The MaxButtons – Create buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'view' parameter in all versions up to, and including, 9.8.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS5.9AI score0.00211EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.12 views

PT-2026-53046

Name of the Vulnerable Software and Affected Versions MaxButtons – Create buttons plugin for WordPress versions prior to 9.8.6 Description Reflected Cross-Site Scripting occurs due to insufficient input sanitization and output escaping. This allows unauthenticated attackers to inject arbitrary we...

6.1CVSS5.9AI score0.00211EPSS
Exploits0References10
Patchstack
Patchstack
added 2026/01/29 9:21 p.m.10 views

WordPress MaxButtons plugin < 9.8.1 - Admin+ Stored XSS via Text Color vulnerability

Admin+ Stored XSS via Text Color vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin MaxButtons versions 9.8.1...

4.7CVSS5.9AI score0.00409EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-11352

Malware in sbrugna...

6.1CVSS6.3AI score0.01379EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2014-1260

Malware in sbrugna...

6.1CVSS4.7AI score0.00531EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.16 views

EUVD-2022-41272

Malicious code in bioql PyPI...

4.8CVSS5.1AI score0.00424EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-39062

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00334EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-47584

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00439EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-40452

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.0038EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-11568

Malicious code in bioql PyPI...

5.9CVSS6.9AI score0.00246EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-58818

Malicious code in bioql PyPI...

4.8CVSS6.4AI score0.00319EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-59220

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00399EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:24 a.m.5 views

CVE-2024-3026

The WordPress Button Plugin MaxButtons WordPress plugin before 9.7.8 does not sanitise and escape some parameters, which could allow users with a role as low as editor to perform Cross-Site Scripting attacks...

5.4CVSS6AI score0.00492EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:59 a.m.9 views

CVE-2024-6499

The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 9.7.8. This makes it possible for unauthenticated attackers to obtain the full path to instances, which they may be able to use in combination with other...

5.3CVSS6.7AI score0.00439EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:20 a.m.6 views

CVE-2024-8968

The WordPress Button Plugin MaxButtons WordPress plugin before 9.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisit...

4.7CVSS5.7AI score0.00409EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:28 a.m.6 views

CVE-2024-10555

The WordPress Button Plugin MaxButtons WordPress plugin before 9.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisit...

4.8CVSS5.7AI score0.00321EPSS
Exploits1References1
Rows per page
Query Builder