Wow-company - Button Generator CVE

Filtered by vendor Wow-company Subscribe

Filtered by product Button Generator

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-49155	1 Wow-company	1 Button Generator	2023-12-21	N/A	8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button Generator – easily Button Builder.This issue affects Button Generator – easily Button Builder: from n/a through 2.3.8.
CVE-2021-25052	1 Wow-company	1 Button Generator	2022-01-14	5.1 MEDIUM	8.8 HIGH
The Button Generator WordPress plugin before 2.3.3 within the wow-company admin menu page allows to include() arbitrary file with PHP extension (as well as with data:// or http:// protocols), thus leading to CSRF RCE.

Vulnerabilities (CVE)