MaxButtons – Create buttons

Vulnerabilities 15Slug maxbuttonsLatest version 9.8.5WordPress.org →

Minimum safe version

9.8.4

Update to 9.8.4 or later to address 15 fixable vulnerabilities

Latest available9.8.5 ✓

Medium 5.9

2025-04-17< 9.8.4

CVE-2025-39444

CVE EUVD Wordfence

Medium 4.7

2024-11-29< 9.8.1

WordPress Button Plugin MaxButtons <= 9.8.0 - Authenticated (Admin+) Stored Cross-Site Scripting via Text Color

Wordfence CVE

Medium 4.8

2024-12-20< 9.8.1

CVE-2024-10555

CVE Patchstack Wordfence

Medium 5.3

2024-08-26< 9.8.0

WordPress MaxButtons Plugin <= 9.7.8 is vulnerable to Sensitive Data Exposure

Patchstack CVE Wordfence

Medium 5.4

2024-07-15< 9.7.8

WordPress MaxButtons Plugin < 9.7.8 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE Wordfence

Medium 5.4

2024-02-05< 9.7.7

CVE-2023-7029

CVE Patchstack Wordfence WPScan

Medium 4.8

2024-01-09< 9.7.6

CVE-2023-6594

CVE Wordfence Patchstack WPScan

Medium 6.1

2023-03-05< 1.26.1

CVE-2014-125092

CVE

Medium 6.5

2023-07-25< 9.6

CVE-2023-36503

CVE Patchstack Wordfence WPScan

N/A

< 1.20.0

MaxButtons 1.19.0 - includes/maxbuttons-button-css.php Authentication Bypass

WPScan

Low 3.4

2022-09-23< 9.3

CVE-2022-38703

CVE Wordfence Patchstack Wordfence WPScan

Medium 4.3

2022-08-22< 9.3

CVE-2022-36346

CVE Patchstack Wordfence WPScan

N/A

2014-08-01< 1.20.0

WordPress MaxButtons Plugin <= 1.19.0 - BYPASS

Patchstack

N/A

2014-10-16< 1.26.1

CVE-2014-7181

CVE Patchstack Wordfence WPScan

Medium 6.1

2017-05-22< 6.19

CVE-2017-2169

CVE JVN Wordfence WPScan