Exposição de BuddyPress

WordPress plugins

16

score de exposição

1.292

sites usam

0

em exploração

0

críticos

CVEs

12 resultados

CVE-2021-21389HIGHBuddyPress privilege escalation via REST APIEPSS 13.9%CVE-2020-5244HIGHPrivate data exposure via REST API in BuddyPressEPSS 1.9%CVE-2024-10011HIGHBuddyPress <= 14.1.0 - Authenticated (Subscriber+) Directory TraversalEPSS 0.9%CVE-2024-11976HIGHBuddyPress <= 14.3.3 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.4%CVE-2024-3974MEDIUMBuddyPress <= 12.4.0 - Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2025-62022HIGHWordPress BuddyPress plugin <= 14.3.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-50880MEDIUMWordPress BuddyPress Plugin <= 11.3.1 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2024-4892MEDIUMBuddyPress <= 12.4.1 - Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2026-53673HIGHBuddyPress 14.4.0 Private Message IDOR via REST API user_id ParameterEPSS 0.3%CVE-2026-53674HIGHBuddyPress 14.4.0 REGEXP Injection via @Mention Username ResolutionEPSS 0.3%CVE-2020-37233MEDIUMWordPress Plugin Buddypress 6.2.0 Persistent Cross-Site ScriptingEPSS 0.2%CVE-2026-53675MEDIUMBuddyPress 14.4.0 Friends List IDOR via REST APIEPSS 0.2%

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →