WordPress MaxButtons plugin < 9.8.1 - Admin+ Stored XSS via Text Color vulnerability

Admin+ Stored XSS via Text Color vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin MaxButtons versions 9.8.1...

EUVD-2014-1260

Malware in sbrugna...

EUVD-2023-59220

Malicious code in bioql PyPI...

EUVD-2023-58818

Malicious code in bioql PyPI...

EUVD-2022-39062

Malicious code in bioql PyPI...

EUVD-2023-40452

Malicious code in bioql PyPI...

EUVD-2022-41272

Malicious code in bioql PyPI...

CVE-2024-6499

The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 9.7.8. This makes it possible for unauthenticated attackers to obtain the full path to instances, which they may be able to use in combination with other...

CVE-2023-7029

The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including 9.7.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2023-6594

The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 9.7.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2014-125092

A vulnerability was found in MaxButtons Plugin up to 1.26.0 on WordPress and classified as problematic. This issue affects the function maxbuttonsstrippx of the file includes/maxbuttons-button.php. The manipulation of the argument buttonid leads to cross site scripting. The attack may be initiate...

CVE-2025-39444 WordPress MaxButtons plugin <= 9.8.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maxfoundry MaxButtons allows Stored XSS.This issue affects MaxButtons: from n/a through 9.8.3...

CVE-2025-39444 WordPress MaxButtons plugin <= 9.8.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in maxfoundry MaxButtons maxbuttons allows Stored XSS.This issue affects MaxButtons: from n/a through = 9.8.3...

WordPress MaxButtons plugin <= 9.8.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ayato Shitomi @ Fore-Z co.ltd in WordPress Plugin MaxButtons versions = 9.8.3...

CVE-2024-10555

The WordPress Button Plugin MaxButtons WordPress plugin before 9.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisit...

CVE-2024-8968 MaxButtons < 9.8.1 - Admin+ Stored XSS via Text Color

The WordPress Button Plugin MaxButtons WordPress plugin before 9.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisit...

CVE-2024-10555 MaxButtons < 9.8.1 - Admin+ Stored XSS via Button Width

The WordPress Button Plugin MaxButtons WordPress plugin before 9.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisit...

CVE-2024-10555 MaxButtons < 9.8.1 - Admin+ Stored XSS via Button Width

The WordPress Button Plugin MaxButtons WordPress plugin before 9.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisit...

PT-2024-39344 · WordPress · Maxbuttons

Name of the Vulnerable Software and Affected Versions: MaxButtons WordPress plugin versions prior to 9.8.1 Description: The issue is related to the MaxButtons WordPress plugin, which does not properly sanitize and escape some of its settings. This could allow high-privilege users, such as admins,...

PT-2024-16364 · WordPress · Maxbuttons

Name of the Vulnerable Software and Affected Versions: MaxButtons WordPress plugin versions prior to 9.8.1 Description: The issue is related to the MaxButtons WordPress plugin, which does not properly sanitise and escape some of its settings. This could allow high-privilege users, such as...