Beta

Report

The Buffer Button <= 1.0 is vulnerable to Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Administrator
Published
2022-01-17

The Buffer Button WordPress plugin through 1.0 was vulnerable to Authenticated Stored Cross Site Scripting (XSS) within the Twitter username to mention text field.

CVE

https://www.cve.org/CVERecord?id=CVE-2021-25058

CVSS

Score:5.4

Severity:Medium

Version: 1.0

The plugin vendor has not patched this vulnerability at the moment.