CVE-2023-24499 MEDIUM

CVE-2023-24499: Butterfly Button plugin may leave traces of its use on user's device

Vendor Butterfly Button
Product Butterfly Button plugin
Published February 15, 2023
Last update March 19, 2025

CVSS base score

4.3/10
Attack vector Physical
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Butterfly Button plugin may leave traces of its use on user's device. Since it is used for reporting domestic problems, this may lead to spouse knowing about its use.

Key dates

02Disclosure timeline

February 15, 2023 CVE published
March 19, 2025 Record updated