Maxfoundry

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-4222 1Maxfoundry 1Wp Paginate Jun 17, 2026 Feb 28, 2022 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 The WP-Paginate WordPress plugin before 2.1.4 does not sanitise and escape its preset settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallo...Show more The WP-Paginate WordPress plugin before 2.1.4 does not sanitise and escape its preset settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowedShow less
CVE-2014-7181 1Maxfoundry 1Maxbuttons May 6, 2026 Oct 16, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the Max Foundry MaxButtons plugin before 1.26.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter in a button action on the maxb...Show more Cross-site scripting (XSS) vulnerability in the Max Foundry MaxButtons plugin before 1.26.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter in a button action on the maxbuttons-controller page to wp-admin/admin.php, related to the button creation page.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2021-4222

1Maxfoundry

1Wp Paginate

Jun 17, 2026

Feb 28, 2022

N/A· v4

4.8 MEDIUM· v3

3.5 LOW· v2

The WP-Paginate WordPress plugin before 2.1.4 does not sanitise and escape its preset settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallo...Show more

CVE-2014-7181

1Maxfoundry

1Maxbuttons

May 6, 2026

Oct 16, 2014

N/A· v4

N/A· v3

4.3 MEDIUM· v2

Cross-site scripting (XSS) vulnerability in the Max Foundry MaxButtons plugin before 1.26.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter in a button action on the maxb...Show more

Previous 12