Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-50880 | 1 Buddypress | 1 Buddypress | 2024-01-05 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The BuddyPress Community BuddyPress allows Stored XSS.This issue affects BuddyPress: from n/a through 11.3.1. | |||||
| CVE-2017-6954 | 1 Buddypress | 1 Buddypress | 2019-10-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| An issue was discovered in includes/component.php in the BuddyPress Docs plugin before 1.9.3 for WordPress. It is possible for authenticated users to edit documents of other users without proper permissions. | |||||
| CVE-2014-1889 | 1 Buddypress | 1 Buddypress | 2019-04-26 | 4.0 MEDIUM | 6.5 MEDIUM |
| The Group creation process in the Buddypress plugin before 1.9.2 for WordPress allows remote authenticated users to gain control of arbitrary groups by leveraging a missing permissions check. | |||||