9 matches found
EUVD-2025-9212
Malicious code in bioql PyPI...
CVE-2025-31812
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tomas BuddyPress Members Only buddypress-members-only allows Stored XSS.This issue affects BuddyPress Members Only: from n/a through = 3.5.3...
WordPress BuddyPress Members Only plugin <= 3.5.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by theviper17 in WordPress Plugin BuddyPress Members Only versions = 3.5.3...
CVE-2025-31812
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tomas BuddyPress Members Only buddypress-members-only allows Stored XSS.This issue affects BuddyPress Members Only: from n/a through = 3.5.3...
CVE-2025-31812
CVE-2025-31812 : Stored XSS in BuddyPress Members Only (WordPress) due to improper input neutralization during web page generation; affects BuddyPress Members Only 3.5.3 and earlier. Exploitation details are not provided in the initial document, but Wordfence’s vulnerability listing indicates the...
WordPress BuddyPress Members Only plugin <= 3.4.8 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin BuddyPress Members Only versions = 3.4.8...
WordPress BuddyPress Members Only Plugin <= 3.3.5 is vulnerable to Sensitive Data Exposure
Software BuddyPress Members Only Type Plugin Vulnerable versions = 3.3.5 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-0972 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 96dc46493939 Credits Francesco Carlucci...
WordPress plugin BuddyPress Members Only security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress plugin BuddyPress Members...
BuddyPress Members Only <= 3.3.5 - Improper Access Control to Sensitive Information Exposure via REST API
Description The BuddyPress Members Only plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.5 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's "All Other Sections On Your Site Will be Opened to...