Vulnerabilities > Maxfoundry > Maxbuttons > 1.0.0

DATE CVE VULNERABILITY TITLE RISK
2024-02-05 CVE-2023-7029 Cross-site Scripting vulnerability in Maxfoundry Maxbuttons
The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including 9.7.6 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
maxfoundry CWE-79
5.4
5.4
2024-01-09 CVE-2023-6594 Cross-site Scripting vulnerability in Maxfoundry Maxbuttons
The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 9.7.4 due to insufficient input sanitization and output escaping.
network
low complexity
maxfoundry CWE-79
4.8
4.8
2023-07-25 CVE-2023-36503 Cross-site Scripting vulnerability in Maxfoundry Maxbuttons
Auth.
network
low complexity
maxfoundry CWE-79
5.4
5.4
2023-03-05 CVE-2014-125092 Cross-site Scripting vulnerability in Maxfoundry Maxbuttons
A vulnerability was found in MaxButtons Plugin up to 1.26.0 on WordPress and classified as problematic.
network
low complexity
maxfoundry CWE-79
6.1
6.1