Title: Security vulnerability
Last modified: June 27, 2026

---

# Security vulnerability

 *  Resolved [catwingz](https://wordpress.org/support/users/catwingz/)
 * (@catwingz)
 * [1 week ago](https://wordpress.org/support/topic/security-vulnerability-224/)
 * I use this plugin on most of the websites I build needing custom buttons. Now
   Wordfence is reporting it has a security vulnerability: To protect your site 
   from this vulnerability, the safest option is to deactivate and completely remove“
   MaxButtons” until a patched version is available.
 * Please fix this now! I am sure I am not alone in wanting to avoid having to come
   up with a substitute!
 * Thank you
 * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fsecurity-vulnerability-224%2F%3Foutput_format%3Dmd&locale=en_US)
   to see the link]_

Viewing 4 replies - 1 through 4 (of 4 total)

 *  Thread Starter [catwingz](https://wordpress.org/support/users/catwingz/)
 * (@catwingz)
 * [1 week ago](https://wordpress.org/support/topic/security-vulnerability-224/#post-18949868)
 * An update… I find that the websites using the current version of this plugin 
   are split. Some have the Wordfence alert while the others do not. They have a
   wide variety of plugins. Perhaps there is a conflict with some? Other than stating
   it is a security risk Wordfence doesn’t give any indication.
 *  Plugin Author [Bas Schuiling](https://wordpress.org/support/users/basszje/)
 * (@basszje)
 * [1 week ago](https://wordpress.org/support/topic/security-vulnerability-224/#post-18949981)
 * hi,
 * There was a security release fixing something minor this week. The advice to 
   remove plugin is very overstated. It still gives this error with latest version?
 *  Thread Starter [catwingz](https://wordpress.org/support/users/catwingz/)
 * (@catwingz)
 * [1 week ago](https://wordpress.org/support/topic/security-vulnerability-224/#post-18949986)
 * On half of the sites I have it on, yes. That’s three out of six, so not a huge
   number, but not encouraging.
 *  Thread Starter [catwingz](https://wordpress.org/support/users/catwingz/)
 * (@catwingz)
 * [6 days, 5 hours ago](https://wordpress.org/support/topic/security-vulnerability-224/#post-18950555)
 * [@basszje](https://wordpress.org/support/users/basszje/)
 * Update: I went back and checked the websites again. Now Wordfence is giving them
   all a clean bill of health.

Viewing 4 replies - 1 through 4 (of 4 total)

You must be [logged in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fsecurity-vulnerability-224%2F%3Foutput_format%3Dmd&locale=en_US)
to reply to this topic.

 * ![](https://ps.w.org/maxbuttons/assets/icon-128x128.png?rev=1378636)
 * [MaxButtons - Create buttons](https://wordpress.org/plugins/maxbuttons/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/maxbuttons/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/maxbuttons/)
 * [Active Topics](https://wordpress.org/support/plugin/maxbuttons/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/maxbuttons/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/maxbuttons/reviews/)

## Tags

 * [remove plugin](https://wordpress.org/support/topic-tag/remove-plugin/)

 * 4 replies
 * 2 participants
 * Last reply from: [catwingz](https://wordpress.org/support/users/catwingz/)
 * Last activity: [6 days, 5 hours ago](https://wordpress.org/support/topic/security-vulnerability-224/#post-18950555)
 * Status: resolved