cleantalk
Vulnerabilities and Security Researches

WordPress Button Plugin MaxButtons, CVE-2022-38703

CVE, Research URL

CVE-2022-38703

Home page URL

Security reports for WordPress Button Plugin MaxButtons

Application

WordPress Button Plugin MaxButtons

Published on
Sep 23, 2022
Research Description
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Max Foundry Button Plugin MaxButtons plugin <= 9.2 at WordPress
Affected versions
Min -, max 9.3.
Status
vulnerable
Previous vulnerability researches
WordPress Button Plugin MaxButtons (CVE-2025-39444) , Apr 19, 2025
WordPress Button Plugin MaxButtons (CVE-2024-8968) , Dec 25, 2024
WordPress Button Plugin MaxButtons (CVE-2024-10555) , Dec 22, 2024
WordPress Button Plugin MaxButtons (CVE-2024-6499) , Aug 25, 2024
WordPress Button Plugin MaxButtons (CVE-2017-2169) , Jun 06, 2024
New vulnerability
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025
Contact Form vCard Generator (CVE-2025-39521) , Apr 20, 2025
AdminQuickbar (CVE-2025-39464) , Apr 20, 2025