Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
buddypress buddypress vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3974
The BuddyPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user_name’ parameter in versions up to, and including, 12.4.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
NA
CVE-2024-3293
The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress is vulnerable to blind SQL Injection via the rtmedia_gallery shortcode in all versions up to, and including, 4.6.18 due to insufficient escaping on the user supplied parameter and lack of sufficient preparatio...
1 Github repository
NA
CVE-2024-2025
The "BuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages" plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.4.20 via deserialization of untrusted input in the get_simple_request function. This m...
3.5
CVSSv2
CVE-2021-24443
The About Me widget of the Youzify – BuddyPress Community, User Profile, Social Network & Membership WordPress plugin prior to 1.0.7 does not properly sanitise its Biography field, allowing any authenticated user to set Cross-Site Scripting payloads in it, which will be...
Kainelabs Youzify
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3