CVE-2025-54694
- EPSS 0.14%
- Veröffentlicht 14.08.2025 10:34:52
- Zuletzt bearbeitet 23.04.2026 15:32:50
Cross-Site Request Forgery (CSRF) vulnerability in bPlugins Button Block button-block allows Cross Site Request Forgery.This issue affects Button Block: from n/a through <= 1.2.0.
CVE-2025-22787
- EPSS 0.3%
- Veröffentlicht 15.01.2025 16:15:41
- Zuletzt bearbeitet 23.04.2026 15:23:36
Missing Authorization vulnerability in bPlugins Button Block button-block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Button Block: from n/a through <= 1.1.5.
CVE-2025-22815
- EPSS 0.2%
- Veröffentlicht 09.01.2025 16:16:31
- Zuletzt bearbeitet 23.04.2026 15:23:40
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Button Block button-block allows Stored XSS.This issue affects Button Block: from n/a through <= 1.1.9.
CVE-2024-12560
- EPSS 0.36%
- Veröffentlicht 19.12.2024 07:15:13
- Zuletzt bearbeitet 24.02.2025 16:02:11
The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.5 via the 'btn_block_duplicate_post' function. This makes it possible ...
CVE-2024-10671
- EPSS 0.51%
- Veröffentlicht 21.11.2024 11:15:20
- Zuletzt bearbeitet 24.02.2025 15:58:24
The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.4 via the [btn_block] shortcode due to insufficient restrictions on which posts ...