Vulnerabilidades em BuddyPress
10 resultadosCVE-2021-21389HIGHBuddyPress privilege escalation via REST APIEPSS 13.9%CVE-2020-5244HIGHPrivate data exposure via REST API in BuddyPressEPSS 1.9%CVE-2024-10011HIGHBuddyPress <= 14.1.0 - Authenticated (Subscriber+) Directory TraversalEPSS 0.9%CVE-2024-11976HIGHBuddyPress <= 14.3.3 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.4%CVE-2024-3974MEDIUMBuddyPress <= 12.4.0 - Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2025-62022HIGHWordPress BuddyPress plugin <= 14.3.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-4892MEDIUMBuddyPress <= 12.4.1 - Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2026-53673HIGHBuddyPress 14.4.0 Private Message IDOR via REST API user_id ParameterEPSS 0.3%CVE-2026-53674HIGHBuddyPress 14.4.0 REGEXP Injection via @Mention Username ResolutionEPSS 0.3%CVE-2026-53675MEDIUMBuddyPress 14.4.0 Friends List IDOR via REST APIEPSS 0.2%