Maxfoundry Maxbuttons Create Buttons vulnerabilities
3 known vulnerabilities affecting maxfoundry/maxbuttons_create_buttons.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2024-6499MEDIUMCVSS 5.3≤ 9.7.82024-08-24
CVE-2024-6499 [MEDIUM] CWE-200 CVE-2024-6499: The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to information exposure in
The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 9.7.8. This makes it possible for unauthenticated attackers to obtain the full path to instances, which they may be able to use in combination with other vulnerabilities or to simplify reconnaissance work. On its own,
cvelistv5nvd
CVE-2023-7029MEDIUMCVSS 5.4≤ 9.7.62024-02-05
CVE-2023-7029 [MEDIUM] CWE-79 CVE-2023-7029: The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scrip
The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including 9.7.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and ab
cvelistv5nvd
CVE-2023-6594MEDIUMCVSS 4.8≤ 9.7.42024-01-09
CVE-2023-6594 [MEDIUM] CWE-79 CVE-2023-6594: The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scrip
The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 9.7.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web sc
cvelistv5nvd