GHSA-8h2w-mrjw-fq93
GitHub Security Advisory
⚠ Unreviewed
MODERATE
Has CVE
Advisory Details
The WordPress Button Plugin MaxButtons WordPress plugin before 9.7.8 does not sanitise and escape some parameters, which could allow users with a role as low as editor to perform Cross-Site Scripting attacks
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: June 27, 2025 6:26 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.