ByteOS Network

CVE-2025-54694

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-4.3||MEDIUM

EPSS-0.02% / 2.14%

||

7 Day CHG~0.00%

Published-14 Aug, 2025 | 10:34

Updated-14 Aug, 2025 | 14:41

WordPress Button Block Plugin plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in bPlugins Button Block allows Cross Site Request Forgery. This issue affects Button Block: from n/a through 1.2.0.

Vendor-bPlugins

Product-Button Block

CWE ID-CWE-352

Cross-Site Request Forgery (CSRF)

CVE-2025-22787

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-4.3||MEDIUM

EPSS-0.07% / 21.04%

||

7 Day CHG+0.01%

Published-15 Jan, 2025 | 15:23

Updated-25 Feb, 2025 | 15:41

WordPress Button Block plugin <= 1.1.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in bPlugins LLC Button Block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Button Block: from n/a through 1.1.5.

Vendor-bplugins bPlugins LLC

Product-button_block Button Block

CWE ID-CWE-862

Missing Authorization

CVE-2025-22815

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.04% / 11.00%

||

7 Day CHG~0.00%

Published-09 Jan, 2025 | 15:39

Updated-25 Feb, 2025 | 16:55

WordPress Button Block plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins LLC Button Block allows Stored XSS.This issue affects Button Block: from n/a through 1.1.6.

Vendor-bplugins bPlugins LLC

Product-button_block Button Block

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

N/A

Source -

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -