17 matches found
WordPress Epic Bootstrap Buttons plugin cross-site scripting vulnerability
WordPress Epic Bootstrap Buttons plugin is a plugin for quickly adding Bootstrap style buttons to your WordPress website. WordPress Epic Bootstrap Buttons plugin suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of icol parameters, whic...
CVE-2025-8776
The Epic Bootstrap Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘icol’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
EUVD-2024-43814
Malicious code in bioql PyPI...
CVE-2025-8776
The Epic Bootstrap Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘icol’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-8776
CVE-2025-8776 (Epic Bootstrap Buttons, WordPress) : The WordPress plugin is affected by a Stored Cross-Site Scripting vulnerability triggered via the icol parameter. The issue applies to all versions up to 1.0. An attacker with Contributor-level access or higher can inject arbitrary scripts that ...
EUVD-2025-32260
The Epic Bootstrap Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘icol’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-8776 Epic Bootstrap Buttons <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via icol Parameter
The Epic Bootstrap Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘icol’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-8776 Epic Bootstrap Buttons <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via icol Parameter
The Epic Bootstrap Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘icol’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
WordPress Epic Bootstrap Buttons plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via icol Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via icol Parameter vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Epic Bootstrap Buttons versions = 1.0...
WordPress plugin Epic Bootstrap Buttons 跨站脚本漏洞
WordPress Epic Bootstrap Buttons plugin is a plugin for quickly adding Bootstrap style buttons to your WordPress website. WordPress Epic Bootstrap Buttons plugin suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of icol parameters, whic...
PT-2025-40479
Name of the Vulnerable Software and Affected Versions Epic Bootstrap Buttons plugin for WordPress versions prior to 1.0 Description The plugin is susceptible to Stored Cross-Site Scripting due to inadequate input sanitization and output escaping. This allows authenticated attackers with...
CVE-2024-49677
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David Cramer Bootstrap Buttons bootstrap-buttons allows Reflected XSS.This issue affects Bootstrap Buttons: from n/a through = 1.2...
CVE-2024-49677
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David Cramer Bootstrap Buttons bootstrap-buttons allows Reflected XSS.This issue affects Bootstrap Buttons: from n/a through = 1.2...
CVE-2024-49677 WordPress Bootstrap Buttons plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David Cramer Bootstrap Buttons bootstrap-buttons allows Reflected XSS.This issue affects Bootstrap Buttons: from n/a through = 1.2...
CVE-2024-49677 WordPress Bootstrap Buttons plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David Cramer Bootstrap Buttons bootstrap-buttons allows Reflected XSS.This issue affects Bootstrap Buttons: from n/a through = 1.2...
WordPress plugin Bootstrap Buttons 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
PT-2024-33629 · David Cramer · Bootstrap Buttons
Name of the Vulnerable Software and Affected Versions: David Cramer Bootstrap Buttons versions 1.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS. Recommendations: For...