Cross-site scripting vulnerability in MaxButtons prior to version 6.19 and MaxButtons Pro prior to version 6.19 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.Referenceshttps://wordpress.org/plugins/maxbuttons/#developershttps://jvn.jp/en/jp/JVN70411623/index.htmlhttp://jvndb.jvn.jp/jvndb/JVNDB-2017-000093
