CVSS Score of 10 (low)


Published Jul 25, 2023
Updated: Aug 1, 2023


CVE-2023-36503 is an Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability found in the Max Foundry WordPress Button Plugin MaxButtons plugin versions 9.5.3 and below. This vulnerability affects multiple products, including qYll-c, a0stu0, a0stu1, qYll-d, and many others. To remediate this vulnerability, it is recommended to update the affected plugin to a version higher than 9.5.3. The potential danger posed by this vulnerability to an organization is medium, with a CVSS score of 6.5. The base severity is considered medium as well, with low privileges required and user interaction necessary for exploitation. The impact on confidentiality and integrity is low, and the attack vector is through the network.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-36503 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options