25 matches found
EUVD-2022-3456
Malicious code in bioql PyPI...
EUVD-2024-49791
Malicious code in bioql PyPI...
EUVD-2025-19252
Malicious code in bioql PyPI...
CVE-2025-5526
The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls and allows a logged in user to view and download files belonging to another user...
WordPress BuddyPress Docs plugin < 2.2.5 - Subscriber+ Arbitrary Document Read/Update vulnerability
Subscriber+ Arbitrary Document Read/Update vulnerability discovered by Terrence Bosco, Alexus Bosco, Andrew Risorto in WordPress Plugin BuddyPress Docs versions 2.2.5...
CVE-2025-5526
The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls and allows a logged in user to view and download files belonging to another user...
CVE-2025-5526
The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls and allows a logged in user to view and download files belonging to another user...
CVE-2025-5526 BuddyPress Docs < 2.2.5 - Subscriber+ Arbitrary Document Read/Update
The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls and allows a logged in user to view and download files belonging to another user...
CVE-2025-5526
CVE-2025-5526 affects the BuddyPress Docs WordPress plugin prior to 2.2.5. Root cause: insufficient access controls permit a logged-in user to view and download files belonging to another user. Affected versions are
CVE-2025-5526 BuddyPress Docs < 2.2.5 - Subscriber+ Arbitrary Document Read/Update
The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls and allows a logged in user to view and download files belonging to another user...
PT-2025-27062 · WordPress · Buddypress Docs
Name of the Vulnerable Software and Affected Versions: BuddyPress Docs WordPress plugin version 2.2.4 and earlier Description: The issue is related to inadequate access controls in the BuddyPress Docs WordPress plugin, allowing a logged-in user to view and download files belonging to another user...
WordPress plugin BuddyPress Docs 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2024-9207
The BuddyPress Docs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.2.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
CVE-2024-9207
The BuddyPress Docs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.2.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
CVE-2024-9207
CVE-2024-9207 affects the WordPress plugin BuddyPress Docs (
CVE-2024-9207 BuddyPress Docs <= 2.2.3 - Reflected Cross-Site Scripting
The BuddyPress Docs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.2.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
CVE-2024-9207 BuddyPress Docs <= 2.2.3 - Reflected Cross-Site Scripting
The BuddyPress Docs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.2.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
WordPress BuddyPress Docs plugin <= 2.2.3 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin BuddyPress Docs versions = 2.2.3...
WordPress plugin BuddyPress Docs 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress BuddyPress Docs Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS)
Software BuddyPress Docs Type Plugin Vulnerable versions = 2.2.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9207 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d79eef12da8e Credits vgo0 Required...