cleantalk
Vulnerabilities and Security Researches

Simple shortcode buttons, CVE-2025-23449

CVE, Research URL

CVE-2025-23449

Home page URL

Security reports for Simple shortcode buttons

Application

Simple shortcode buttons

Published on
Jan 22, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Simple shortcode buttons allows Reflected XSS. This issue affects Simple shortcode buttons: from n/a through 1.3.2.
Affected versions
max 1.3.2.
Status
vulnerable
Previous vulnerability researches
Shortcode Button (CVE-2025-10194) , Nov 10, 2025
Simple shortcode buttons (CVE-2025-23449) , Jan 24, 2025
Easy Shortcode Buttons (CVE-2025-23825) , Jan 18, 2025
Forget About Shortcode Buttons (CVE-2023-32579) , Jun 07, 2024
Forget About Shortcode Buttons (CVE-2016-1000133) , Jun 07, 2024
New vulnerability
Centangle-Team (CVE-2025-12456) , Nov 11, 2025
TablePress – Tables in WordPress made easy (CVE-2025-12324) , Nov 11, 2025
WP User Manager – User Profile Builder & Membership (CVE-2025-60245) , Nov 11, 2025
Auto Featured Image (Auto Post Thumbnail) (CVE-2025-10145) , Nov 11, 2025
Digiseller (CVE-2025-10141) , Nov 11, 2025