CVE-2023-7029 — CVSS 6.4 (medium): The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in…
CVE-2024-3026 — CVSS 5.4 (medium): The WordPress Button Plugin MaxButtons WordPress plugin before 9.7.8 does not sanitise and escape some parameters, which could allow users…
CVE-2024-6499 — CVSS 5.3 (medium): The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to information exposure in all versions up to, and including…
CVE-2024-10555 — CVSS 4.8 (medium): The WordPress Button Plugin MaxButtons WordPress plugin before 9.8.1 does not sanitise and escape some of its settings, which could allow…
CVE-2024-8968 — CVSS 4.7 (medium): The WordPress Button Plugin MaxButtons WordPress plugin before 9.8.1 does not sanitise and escape some of its settings, which could allow…
CVE-2023-6594 — CVSS 4.4 (medium): The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions…
CVE-2022-36346 — CVSS 4.3 (medium): Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Max Foundry MaxButtons plugin <= 9.2 at WordPress.
CVE-2014-7181 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Max Foundry MaxButtons plugin before 1.26.1 for WordPress allows remote attackers to inject…
CVE-2014-125092 — CVSS 3.5 (low): A vulnerability was found in MaxButtons Plugin up to 1.26.0 on WordPress and classified as problematic. This issue affects the function…
CVE-2022-38703 — CVSS 3.4 (low): Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Max Foundry Button Plugin MaxButtons plugin <= 9.2 at WordPress