Lucene search
+L

5 matches found

Check Point Advisories
Check Point Advisories
added 2021/08/02 12:0 a.m.55 views

WordPress BuddyPress Plugin Privilege Escalation (CVE-2021-21389)

A privilege escalation vulnerability exists in WordPress BuddyPress Plugin. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...

9CVSS5.5AI score0.13882EPSS
Exploits2
Circl
Circl
added 2021/06/02 4:11 p.m.69 views

CVE-2021-21389

creationtimestamp| type| source ---|---|--- 2021-06-02 16:11:31+00:00| published-proof-of-concept| Telegram/yobw8ZrvHW0fEUWSUnBhVkPFKQSqUEvC1JTEUdeXbKUw 2022-07-04 20:48:04+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/3003 2023-04-27 09:58:59+00:00| confirmed|...

9CVSS7.2AI score0.13882EPSS
In wildExploits2References6
GithubExploit
GithubExploit
added 2021/05/31 2:12 p.m.165 views

Exploit for Incorrect Authorization in Buddypress

CVE-2021-21389 BuddyPress 7.2.1 - REST API Privilege Esca...

9CVSS8.7AI score0.13882EPSS
Exploits2
Cvelist
Cvelist
added 2021/03/26 8:15 p.m.37 views

CVE-2021-21389 BuddyPress privilege escalation via REST API

BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in...

8.1CVSS8.8AI score0.13882EPSS
Exploits2References3
CVE
CVE
added 2021/03/26 8:15 p.m.182 views

CVE-2021-21389

BuddyPress (WordPress plugin) prior to 7.2.1 is affected by a REST API privilege-escalation vulnerability that can lead to remote code execution. A non-privileged user could exploit the REST API members endpoint (v1/members/me) to gain administrator rights. Affected versions are 5.0.0 through 7.2...

9CVSS8.2AI score0.13882EPSS
In wildExploits2References3Affected Software1
Rows per page
Query Builder