Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

bplugins — Vulnerabilities & Security Advisories 73

Browse all 73 CVE security advisories affecting bplugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.

bplugins operates as a software development firm specializing in WordPress plugins, primarily focusing on e-commerce solutions and digital product management. Its extensive portfolio has resulted in a significant security footprint, with seventy-two Common Vulnerabilities and Exposures (CVEs) currently documented. Historically, the most prevalent vulnerability classes affecting its products include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection, often stemming from insufficient input validation and improper access controls. These flaws frequently allow unauthenticated attackers to execute arbitrary code or escalate privileges within compromised WordPress installations. While the company generally responds to disclosed issues, the high volume of historical incidents highlights systemic challenges in maintaining rigorous code review processes across its diverse plugin ecosystem. This pattern underscores the critical need for enhanced security testing in widely deployed third-party WordPress extensions to mitigate widespread exploitation risks.

Found 3 results / 73Clear Filters
Top products by bplugins: bSlider – Create Responsive Image, Post, Product, and Video Sliders B Blocks Button Block HTML5 Video Player – Embed and Play Videos in Custom Player Document Embedder – Embed PDFs, Word, Excel, and Other Files Info Cards Button Block – Design Stylish, Interactive, and Multi-Functional Buttons Icon List Block Tiktok Feed B Slider Html5 Audio Player HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player PDF Poster bBlocks – Essential Gutenberg Blocks & Patterns Collection LightBox Block Media Player Addons for Elementor – Audio and Video Widgets for Elementor Block for Mailchimp – Add Email Subscription Forms and Collect Leads Voice Feedback Video Gallery Block Advanced scrollbar Carousel Block – Responsive Image and Content Carousel Image Gallery block – Create and display photo gallery/photo album. Counters Block Icon List Block – Add Icon-Based Lists with Custom Styles Parallax Section block Team Section Block – Showcase Team Members with Layout Options B Accordion All In One Image Viewer Block – Gutenberg block to create image viewer with hyperlink Timeline Block – Beautiful Timeline Builder for WordPress (Vertical & Horizontal Timelines) Info Cards – Add Text and Media in Card Layouts
CVE IDTitleCVSSSeverityPublished
CVE-2025-54694 WordPress Button Block Plugin plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) Vulnerability — Button BlockCWE-352 4.3 Medium2025-08-14
CVE-2025-22787 WordPress Button Block plugin <= 1.1.5 - Broken Access Control vulnerability — Button BlockCWE-862 4.3 Medium2025-01-15
CVE-2025-22815 WordPress Button Block plugin <= 1.1.9 - Cross Site Scripting (XSS) vulnerability — Button BlockCWE-79 6.5 Medium2025-01-09

This page lists every published CVE security advisory associated with bplugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.