3 matches found
CVE-2025-12391
CVE-2025-12391 affects the Restrictions for BuddyPress plugin for WordPress (
CVE-2025-12391 Restrictions for BuddyPress <= 1.5.2 - Missing Authorization to Unauthenticated Tracking Status Update
The Restrictions for BuddyPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handleoptinoptout function in all versions up to, and including, 1.5.2. This makes it possible for unauthenticated attackers to opt in and out of tracki...
PT-2025-47278
Name of the Vulnerable Software and Affected Versions BuddyPress Restrictions plugin for WordPress versions up to and including 1.5.2 Description The Restrictions for BuddyPress plugin for WordPress is susceptible to unauthorized data modification. A missing capability check within the handle opt...