Vulnerabilities > Bplugins > Button Block > 1.0.6

DATE CVE VULNERABILITY TITLE RISK
2025-01-15 CVE-2025-22787 Missing Authorization vulnerability in Bplugins Button Block
Missing Authorization vulnerability in bPlugins LLC Button Block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Button Block: from n/a through 1.1.5.
network
low complexity
bplugins CWE-862
8.8
8.8
2025-01-09 CVE-2025-22815 Cross-site Scripting vulnerability in Bplugins Button Block
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins LLC Button Block allows Stored XSS.This issue affects Button Block: from n/a through 1.1.6.
network
low complexity
bplugins CWE-79
5.4
5.4
2024-12-19 CVE-2024-12560 Unspecified vulnerability in Bplugins Button Block
The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.5 via the 'btn_block_duplicate_post' function.
network
low complexity
bplugins
6.5
6.5