EUVD-2025-24700

Malicious code in bioql PyPI...

CVE-2025-54694

Cross-Site Request Forgery CSRF vulnerability in bPlugins Button Block button-block allows Cross Site Request Forgery.This issue affects Button Block: from n/a through = 1.2.0...

CVE-2025-54694

CVE-2025-54694 describes a Cross-Site Request Forgery in the WordPress plugin Button Block, affecting versions up to 1.2.0. The issue is confirmed in multiple sources and the CVE record shows a patch that updates beyond 1.2.0. Base metrics: CVSS v3.1 vector AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N wit...

PT-2025-33246 · WordPress · Bplugins Button Block

Name of the Vulnerable Software and Affected Versions: bPlugins Button Block versions through 1.2.0 Description: This issue involves a Cross-Site Request Forgery CSRF that allows malicious actors to perform actions on behalf of an unsuspecting user. Recommendations: Update bPlugins Button Block t...

CVE-2025-22815

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins LLC Button Block allows Stored XSS.This issue affects Button Block: from n/a through 1.1.6...