Vulnerabilities > Maxfoundry > Maxbuttons > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-24 | CVE-2024-6499 | Unspecified vulnerability in Maxfoundry Maxbuttons The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 9.7.8. | 5.3 |
| 2024-02-05 | CVE-2023-7029 | Cross-site Scripting vulnerability in Maxfoundry Maxbuttons The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including 9.7.6 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-01-09 | CVE-2023-6594 | Cross-site Scripting vulnerability in Maxfoundry Maxbuttons The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 9.7.4 due to insufficient input sanitization and output escaping. | 4.8 |
| 2023-07-25 | CVE-2023-36503 | Cross-site Scripting vulnerability in Maxfoundry Maxbuttons Auth. | 5.4 |
| 2023-03-05 | CVE-2014-125092 | Unspecified vulnerability in Maxfoundry Maxbuttons A vulnerability was found in MaxButtons Plugin up to 1.26.0 on WordPress and classified as problematic. | 6.1 |
| 2022-09-23 | CVE-2022-38703 | Unspecified vulnerability in Maxfoundry Maxbuttons Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Max Foundry Button Plugin MaxButtons plugin <= 9.2 at WordPress | 4.8 |