MAL-2025-9667 Malicious code in @wisetail/wds-button (npm)

The package @wisetail/wds-button was found to contain malicious code...

MAL-2025-7972 Malicious code in @frozen-ui/link-button (npm)

The package @frozen-ui/link-button was found to contain malicious code...

MAL-2025-18486 Malicious code in discords-button (npm)

The package discords-button was found to contain malicious code...

Malicious code in lyft-web-button (npm)

The package lyft-web-button was found to contain malicious code...

MAL-2025-40443 Malicious code in yelp-react-component-button (npm)

The package yelp-react-component-button was found to contain malicious code...

Malicious code in url-bar-notification-button (npm)

The package url-bar-notification-button was found to contain malicious code...

MAL-2025-7130 Malicious code in @cobalt-marketplace/react-stateful-button (npm)

The package @cobalt-marketplace/react-stateful-button was found to contain malicious code...

Malicious code in @frozen-ui/link-button (npm)

The package @frozen-ui/link-button was found to contain malicious code...

Malicious code in @cobalt-marketplace/react-stateful-button (npm)

The package @cobalt-marketplace/react-stateful-button was found to contain malicious code...

MAL-2025-37946 Malicious code in url-bar-notification-button (npm)

The package url-bar-notification-button was found to contain malicious code...

Malicious code in yelp-react-component-button (npm)

The package yelp-react-component-button was found to contain malicious code...

Malicious code in discords-button (npm)

The package discords-button was found to contain malicious code...

MAL-2025-25713 Malicious code in lyft-web-button (npm)

The package lyft-web-button was found to contain malicious code...

simple-basic-react-button (=0.1.0) potentially affected by unknown CVE via prpo-types (=0.0.1-security)

prpo-types NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on prpo-types and may be impacted: - simple-basic-react-button =0.1.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-30788...

MAL-2025-9296 Malicious code in @sellerly-kit/button (npm)

The package @sellerly-kit/button was found to contain malicious code...

CVE-2025-54694

Cross-Site Request Forgery CSRF vulnerability in bPlugins Button Block button-block allows Cross Site Request Forgery.This issue affects Button Block: from n/a through = 1.2.0...

CVE-2025-54694 WordPress Button Block Plugin plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in bPlugins Button Block allows Cross Site Request Forgery. This issue affects Button Block: from n/a through 1.2.0...

CVE-2025-54694 WordPress Button Block Plugin plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in bPlugins Button Block button-block allows Cross Site Request Forgery.This issue affects Button Block: from n/a through = 1.2.0...

CVE-2025-54694

CVE-2025-54694 describes a Cross-Site Request Forgery in the WordPress plugin Button Block, affecting versions up to 1.2.0. The issue is confirmed in multiple sources and the CVE record shows a patch that updates beyond 1.2.0. Base metrics: CVSS v3.1 vector AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N wit...

WordPress plugin Button Block 跨站请求伪造漏洞

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in WordPress plugin Button Block 1.2.0 and prior...