cleantalk
Vulnerabilities and Security Researches

Button Block – Get fully customizable & multi-functional buttons, CVE-2025-22815

CVE, Research URL

CVE-2025-22815

Home page URL

Security reports for Button Block – Get fully customizable & multi-functional buttons

Application

Button Block – Get fully customizable & multi-functional buttons

Published on
Jan 09, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins LLC Button Block allows Stored XSS.This issue affects Button Block: from n/a through 1.1.6.
Affected versions
Min -, max 1.2.0.
Status
vulnerable
Previous vulnerability researches
Button Block – Get fully customizable & multi-functional buttons (CVE-2024-10671) , Nov 21, 2024
Button Block – Get fully customizable & multi-functional buttons (CVE-2025-54694) , Aug 06, 2025
Button Block – Get fully customizable & multi-functional buttons (CVE-2025-22815) , Jan 11, 2025
Button Block – Get fully customizable & multi-functional buttons (CVE-2024-12560) , Dec 20, 2024
Button Block – Get fully customizable & multi-functional buttons (CVE-2025-22787) , Jan 17, 2025
New vulnerability
Everest Forms – Build Contact Forms, Surveys, Polls, Application Forms, and more with Ease! , Aug 08, 2025
Gutenverse – Gutenberg Blocks – Page Builder for Site Editor (CVE-2025-7727) , Aug 07, 2025
Flex Guten – A Multipurpose Gutenberg Blocks Plugin (CVE-2025-6256) , Aug 07, 2025
Simple File List (CVE-2025-54021) , Aug 07, 2025
Newsletters (CVE-2025-54034) , Aug 07, 2025