Vulnerabilities > Bplugins > Button Block
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-15 | CVE-2025-22787 | Missing Authorization vulnerability in Bplugins Button Block Missing Authorization vulnerability in bPlugins LLC Button Block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Button Block: from n/a through 1.1.5. | 8.8 |
| 2025-01-09 | CVE-2025-22815 | Cross-site Scripting vulnerability in Bplugins Button Block Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins LLC Button Block allows Stored XSS.This issue affects Button Block: from n/a through 1.1.6. | 5.4 |
| 2024-12-19 | CVE-2024-12560 | Unspecified vulnerability in Bplugins Button Block The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.5 via the 'btn_block_duplicate_post' function. | 6.5 |
| 2024-11-21 | CVE-2024-10671 | Authorization Bypass Through User-Controlled Key vulnerability in Bplugins Button Block The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.4 via the [btn_block] shortcode due to insufficient restrictions on which posts can be included. | 6.5 |