2 matches found
CVE-2026-5144
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the groupblog-blogid, default-member, and groupblog-silent-add parameters from user input without proper...
CVE-2026-5144
The CVE-2026-5144 entry describes a Privilege Escalation in the BuddyPress Groupblog WordPress plugin up to version 1.9.3. The root cause is that the group blog settings handler accepts groupblog-blogid, default-member, and groupblog-silent-add from user input without proper authorization checks,...