CVE-2025-54694 WordPress Button Block Plugin plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in bPlugins Button Block allows Cross Site Request Forgery. This issue affects Button Block: from n/a through 1.2.0...

CVE-2025-54694 WordPress Button Block Plugin plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in bPlugins Button Block button-block allows Cross Site Request Forgery.This issue affects Button Block: from n/a through = 1.2.0...

CVE-2025-22787

CVE-2025-22787 is a Missing Authorization vulnerability in the WordPress plugin Button Block by bPlugins LLC , affecting versions up to 1.1.5. Per the provided documents, the CVE is associated with access to functions not properly constrained by ACLs, with a CVSS v3.1 base score of 8.8 (High) , a...

PT-2024-17655 · WordPress · Button Block

Name of the Vulnerable Software and Affected Versions: Button Block plugin for WordPress versions up to, and including, 1.1.5 Description: The issue allows authenticated attackers with Contributor-level access and above to extract potentially sensitive data from draft, scheduled, private, and...