3 matches found
CVE-2025-11632 Call Now Button <= 1.5.4 - Authenticated (Subscriber+) Missing Authorization to Multiple Functions
The Call Now Button – The 1 Click to Call Button for WordPress plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple functions in all versions up to, and including, 1.5.4. This makes it possible for authenticated attackers, with...
CVE-2025-11632
The WordPress plugin Call Now Button (Call Now Button – The #1 Click to Call Button for WordPress) is affected by CVE-2025-11632 due to missing capability checks in multiple functions across versions up to 1.5.4. The issue enables authenticated users with Subscriber-level access and above to gene...
PT-2025-44275
Name of the Vulnerable Software and Affected Versions Call Now Button versions prior to 1.5.5 Description The Call Now Button plugin for WordPress is susceptible to unauthorized data access because of a missing capability check in multiple functions. Attackers with Subscriber-level access or high...