Back Button Widget

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:wpfactory:back_button_widget:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

VendorWpfactory (5fbbc6ad-468c-5353-925f-7ba5e8eccdf5)
ProductBack Button Widget (63405295-8198-5ff5-b057-2a37826df94b)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-48252 vulnerable 2026-06-03 15:01:34.322416 WordPress Back Button Widget plugin <= 1.6.8 - Cross Site Scripting (XSS) Vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Back Button Widget back-button-widget allows Stored XSS.This issue affects Back Button Widget: from n/a through <= 1.6.8.
Published: 2025-05-19T14:44:57.782Z
Updated: 2026-04-28T16:12:54.240Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-51399 vulnerable 2026-06-03 14:53:32.120110 WordPress Back Button Widget Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS)
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3.
Published: 2023-12-29T10:20:21.296Z
Updated: 2026-04-28T16:09:01.238Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.