6 matches found
CVE-2025-62949
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BuddyDev Activity Plus Reloaded for BuddyPress bp-activity-plus-reloaded allows Stored XSS.This issue affects Activity Plus Reloaded for BuddyPress: from n/a through = 1.1.2...
CVE-2025-62949
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BuddyDev Activity Plus Reloaded for BuddyPress bp-activity-plus-reloaded allows Stored XSS.This issue affects Activity Plus Reloaded for BuddyPress: from n/a through = 1.1.2...
EUVD-2025-17222
Malicious code in bioql PyPI...
CVE-2025-30957
Missing Authorization vulnerability in BuddyDev Activity Plus Reloaded for BuddyPress bp-activity-plus-reloaded allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Activity Plus Reloaded for BuddyPress: from n/a through = 1.1.2...
CVE-2025-30957
CVE-2025-30957 concerns a missing-authorization vulnerability in the BuddyPress extension Activity Plus Reloaded (BuddyDev). The Wordfence vulnerability listing explicitly notes an Authorization issue for Activity Plus Reloaded for BuddyPress
PT-2025-24178 · Buddydev · Buddydev Activity Plus Reloaded
Name of the Vulnerable Software and Affected Versions: BuddyDev Activity Plus Reloaded for BuddyPress versions 1.1.2 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels...