cleantalk
Vulnerabilities and Security Researches

Bread & Butter: real lead capture, gated content & newsletter opt-ins, CVE-2024-51802

CVE, Research URL

CVE-2024-51802

Home page URL

Security reports for Bread & Butter: real lead capture, gated content & newsletter opt-ins

Application

Bread & Butter: real lead capture, gated content & newsletter opt-ins

Published on
Nov 19, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bread & Butter IO Inc. Bread & Butter allows DOM-Based XSS.This issue affects Bread & Butter: from n/a through 7.4.857.
Affected versions
max 7.5.880.
Status
vulnerable
Previous vulnerability researches
Bread & Butter: real lead capture, gated content & newsletter opt-ins (CVE-2025-12189) , Dec 11, 2025
Bread & Butter: real lead capture, gated content & newsletter opt-ins (CVE-2024-51802) , Nov 11, 2024
Bread & Butter: real lead capture, gated content & newsletter opt-ins (CVE-2026-4279) , Apr 23, 2026
New vulnerability
Poll Maker – Best WordPress Poll Plugin (CVE-2025-57954) , Apr 24, 2026
HT Mega – Absolute Addons for WPBakery Page Builder (CVE-2025-53463) , Apr 24, 2026
TZ Plus Gallery (CVE-2025-57974) , Apr 24, 2026
User Meta – User Profile Builder and User management plugin (CVE-2025-9693) , Apr 24, 2026
Gutenberg Blocks – PublishPress Blocks Gutenberg Editor Plugin (CVE-2025-8588) , Apr 24, 2026