Maxbuttons Security Vulnerabilities and Issues — Maxbuttons CVE List

Lucene search

MaxfoundryMaxbuttons

3 matches found

CVE•added 2024/02/05 10:15 p.m.•76 views

CVE-2023-7029

The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including 9.7.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authen...

6.4CVSS5.6AI score0.00213EPSS

CVE•added 2023/07/25 2:15 p.m.•68 views

CVE-2023-36503

Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Max Foundry WordPress Button Plugin MaxButtons plugin

6.5CVSS5.7AI score0.00081EPSS

CVE•added 2023/03/05 9:15 p.m.•62 views

CVE-2014-125092

A vulnerability was found in MaxButtons Plugin up to 1.26.0 on WordPress and classified as problematic. This issue affects the function maxbuttons_strip_px of the file includes/maxbuttons-button.php. The manipulation of the argument button_id leads to cross site scripting. The attack may be initiat...

6.1CVSS4.8AI score0.00069EPSS