Known Vulnerabilities for products from BPlugins
Listed below are 13 of the newest known vulnerabilities associated with the vendor "BPlugins".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40729 json | Not Provided | 2026-04-15 | 2026-04-16 | |
| CVE-2026-32489 json | Not Provided | 2026-03-25 | 2026-03-26 | |
| CVE-2026-32416 json | Not Provided | 2026-03-13 | 2026-04-01 | |
| CVE-2026-32359 json | Not Provided | 2026-03-13 | 2026-04-01 | |
| CVE-2026-24565 json | Not Provided | 2026-01-23 | 2026-04-01 | |
| CVE-2025-66110 json | Not Provided | 2025-11-21 | 2026-04-01 | |
| CVE-2025-54734 json | Not Provided | 2025-08-28 | 2026-04-01 | |
| CVE-2025-54710 json | Not Provided | 2025-08-28 | 2026-04-01 | |
| CVE-2025-54708 json | Not Provided | 2025-08-14 | 2026-04-01 | |
| CVE-2025-54694 json | Not Provided | 2025-08-14 | 2026-04-01 | |
| CVE-2025-22815 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Button Block b... | Not Provided | 2025-01-09 | 2026-04-01 |
| CVE-2025-22787 json | Missing Authorization vulnerability in bPlugins Button Block button-block allows Accessing Functionality Not Properly Constra... | Not Provided | 2025-01-15 | 2026-04-01 |
| CVE-2024-23508 json | 6.1 - MEDIUM | 2024-01-31 | 2024-02-05 | |
| CVE-2024-1061 json | 9.8 - CRITICAL | 2024-01-30 | 2024-02-05 | |
| CVE-2023-46084 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bPlugins LLC Icons Font... | 8.8 - HIGH | 2023-11-06 | 2023-11-14 |
| CVE-2023-5860 json | The Icons Font Loader plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the... | Not Provided | 2023-11-02 | 2026-04-08 |
| CVE-2023-0170 json | The Html5 Audio Player WordPress plugin before 2.1.12 does not validate and escape some of its shortcode attributes before ou... | 5.4 - MEDIUM | 2023-02-06 | 2023-11-07 |
| CVE-2021-24868 json | The Document Embedder WordPress plugin before 1.7.9 contains a AJAX action endpoint, which could allow any authenticated user... | 4.3 - MEDIUM | 2022-02-01 | 2022-02-04 |
| CVE-2021-24775 json | The Document Embedder WordPress plugin before 1.7.5 contains a REST endpoint, which could allow unauthenticated users to enum... | 5.3 - MEDIUM | 2022-02-01 | 2022-02-04 |
| CVE-2021-24416 json | The StreamCast – Radio Player for WordPress plugin before 2.1.1 does not sanitise or validate the parameters from its short... | 5.4 - MEDIUM | 2021-10-18 | 2023-11-07 |