CVE-2024-3026

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/07/2024
Last modified:
01/08/2024

Description

The WordPress Button Plugin MaxButtons WordPress plugin before 9.7.8 does not sanitise and escape some parameters, which could allow users with a role as low as editor to perform Cross-Site Scripting attacks