Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
maxfoundry maxbuttons vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-36503
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Max Foundry WordPress Button Plugin MaxButtons plugin <= 9.5.3 versions.
Maxfoundry Maxbuttons
NA
CVE-2022-38703
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Max Foundry Button Plugin MaxButtons plugin <= 9.2 at WordPress
Maxfoundry Maxbuttons
NA
CVE-2022-36346
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Max Foundry MaxButtons plugin <= 9.2 at WordPress.
Maxfoundry Maxbuttons
NA
CVE-2023-6594
The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 9.7.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, ...
Maxfoundry Maxbuttons
NA
CVE-2014-125092
A vulnerability was found in MaxButtons Plugin up to 1.26.0 on WordPress and classified as problematic. This issue affects the function maxbuttons_strip_px of the file includes/maxbuttons-button.php. The manipulation of the argument button_id leads to cross site scripting. The at...
Maxfoundry Maxbuttons
NA
CVE-2023-7029
The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including 9.7.6 due to insufficient input sanitization and output escaping on user supplied attributes. This make...
Maxfoundry Maxbuttons
4.3
CVSSv2
CVE-2014-7181
Cross-site scripting (XSS) vulnerability in the Max Foundry MaxButtons plugin prior to 1.26.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the id parameter in a button action on the maxbuttons-controller page to wp-admin/admin.php, relate...
Maxfoundry Maxbuttons 1.26.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started