4 matches found
CVE-2025-62760
CVE-2025-62760 refers to an authenticated Stored Cross-Site Scripting (XSS) vulnerability in the BuddyPress Activity Shortcode plugin. According to the Wordfence Vulnerability report, the affected component is the BuddyPress Activity Shortcode, with versions up to and including 1.1.8. It is categ...
CVE-2025-58263
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BuddyDev BuddyPress Notification Widget buddypress-notifications-widget allows Stored XSS.This issue affects BuddyPress Notification Widget: from n/a through = 1.3.3...
CVE-2025-58263
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BuddyDev BuddyPress Notification Widget buddypress-notifications-widget allows Stored XSS.This issue affects BuddyPress Notification Widget: from n/a through = 1.3.3...
PT-2025-38926
Name of the Vulnerable Software and Affected Versions BuddyPress Notification Widget versions through 1.3.3 Description The BuddyPress Notification Widget contains a flaw related to improper input handling during web page generation, which can lead to Stored Cross-Site Scripting XSS. This allows ...