5 matches found
Cross site request forgery (csrf)
Multiple Cross-Site Request Forgery CSRF vulnerabilities in Max Foundry MaxButtons plugin = 9.2 at WordPress...
PT-2022-23321 · Max Foundry · Maxbuttons
Name of the Vulnerable Software and Affected Versions: Max Foundry MaxButtons plugin versions = 9.2 Description: The issue concerns multiple Cross-Site Request Forgery CSRF vulnerabilities. CSRF is a type of attack where an attacker tricks a user into performing unintended actions on a web...
Cross site scripting
Cross-site scripting XSS vulnerability in the Max Foundry MaxButtons plugin before 1.26.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter in a button action on the maxbuttons-controller page to wp-admin/admin.php, related to the button creation pa...
CVE-2014-7181
Cross-site scripting XSS vulnerability in the Max Foundry MaxButtons plugin before 1.26.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter in a button action on the maxbuttons-controller page to wp-admin/admin.php, related to the button creation pa...
CVE-2014-7181
CVE-2014-7181 concerns the WordPress plugin MaxButtons (MaxButtons WordPress plugin,