CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

164 matches found

NVD•added yesterday•5 views

CVE-2026-56032

Subscriber PHP Object Injection in Buddyboss Platform = 3.0.4 versions...

9.8CVSS

Exploits0References1

CVE•added yesterday•9 views

CVE-2026-56032

The CVE-2026-56032 entry concerns a PHP Object Injection vulnerability in the WordPress BuddyBoss Platform plugin, affecting versions up to 3.0.4. The root cause is described as Subscriber PHP Object Injection within BuddyBoss Platform <= 3.0.4. Documented in Patchstack and CVE records, the vu...

9.8CVSS5.8AI score

Exploits0References1

Cvelist•added yesterday•9 views

CVE-2026-56032 WordPress Buddyboss Platform plugin <= 3.0.4 - PHP Object Injection vulnerability

Subscriber PHP Object Injection in Buddyboss Platform = 3.0.4 versions...

9.8CVSS

Exploits0References1

EUVD•added yesterday•4 views

EUVD-2026-39695

Subscriber PHP Object Injection in Buddyboss Platform = 3.0.4 versions...

9.8CVSS5.8AI score

Exploits0References1

Patchstack•added 4 days ago•5 views

WordPress Buddyboss Platform plugin <= 3.0.4 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by dutafi in WordPress Plugin Buddyboss Platform versions = 3.0.4...

9.8CVSS5.9AI score

Exploits0Affected Software1

Patchstack•added 2026/01/30 1:43 a.m.•9 views

WordPress BuddyBoss Platform plugin < 2.6.0 - Subscriber+ Comment on Private Post via IDOR vulnerability

Subscriber+ Comment on Private Post via IDOR vulnerability discovered by Faris Krivic in WordPress Plugin Buddyboss Platform versions 2.6.0...

4.3CVSS5.9AI score0.00375EPSS

Exploits2References1Affected Software1

RedhatCVE•added 2026/01/09 9:29 a.m.•12 views

CVE-2023-49168

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WordPlus Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss allows Stored XSS.This issue affects Better Messages – Live Chat for WordPress, BuddyPress, PeepSo...

6.5CVSS6.7AI score0.00385EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:27 a.m.•8 views

CVE-2023-45755

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in BuddyBoss BuddyPress Global Search plugin = 1.2.1 versions...

5.9CVSS5.6AI score0.00418EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:11 a.m.•18 views

CVE-2025-1909

The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for...

9.8CVSS6.8AI score0.00551EPSS

Exploits0References1

Patchstack•added 2025/12/31 12:0 a.m.•6 views

WordPress BuddyBoss Platform plugin <= 2.8.50 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'bbp_topic_title' vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting via 'bbptopictitle' vulnerability discovered by Kaique Peres in WordPress Plugin Buddyboss Platform versions = 2.8.50...

6.4CVSS5.3AI score0.00218EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/12/31 12:0 a.m.•5 views

WordPress BuddyBoss Platform plugin <= 2.8.50 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'bp_nouveau_ajax_media_save' function vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting via 'bpnouveauajaxmediasave' function vulnerability discovered by Kaique Peres in WordPress Plugin Buddyboss Platform versions = 2.8.50...

6.4CVSS5.3AI score0.00218EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-13538

Malware in sbrugna...

5.4CVSS5.6AI score0.00723EPSS

Exploits2References2

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2021-30272

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00593EPSS

Exploits1References2