Medium severity5.3NVD Advisory· Published Aug 24, 2024· Updated Jun 17, 2026
CVE-2024-6499
CVE-2024-6499
Description
The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 9.7.8. This makes it possible for unauthenticated attackers to obtain the full path to instances, which they may be able to use in combination with other vulnerabilities or to simplify reconnaissance work. On its own, this information is of very limited use.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: 0
Patches
Vulnerability mechanics
References
3- plugins.trac.wordpress.org/changeset/3140369/maxbuttons/tags/9.8.0/assets/libraries/font-awesome-5/convert.phpnvdPatch
- www.wordfence.com/threat-intel/vulnerabilities/id/fdd0694c-ea7e-4cf8-a8d8-82a2b02fecdfnvdThird Party Advisory
- plugins.trac.wordpress.org/browser/maxbuttons/trunk/assets/libraries/font-awesome-5/convert.phpnvdProduct
News mentions
0No linked articles in our index yet.