Lucene search

Button Generator - Easily Button Builder Security Vulnerabilities

cve

CVE-2021-25052

The Button Generator WordPress plugin before 2.3.3 within the wow-company admin menu page allows to include() arbitrary file with PHP extension (as well as with data:// or http:// protocols), thus leading to CSRF RCE.

8.8CVSS

8.7AI Score

0.018EPSS

2022-01-10 04:15 PM

cve

CVE-2023-27452

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wow-Company Button Generator – easily Button Builder plugin <= 2.3.3 versions.

5.9CVSS

4.8AI Score

0.0005EPSS

2023-06-22 12:15 PM