5 matches found
WordPress BuddyPress Plugin Privilege Escalation (CVE-2021-21389)
A privilege escalation vulnerability exists in WordPress BuddyPress Plugin. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...
CVE-2021-21389
creationtimestamp| type| source ---|---|--- 2021-06-02 16:11:31+00:00| published-proof-of-concept| Telegram/yobw8ZrvHW0fEUWSUnBhVkPFKQSqUEvC1JTEUdeXbKUw 2022-07-04 20:48:04+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/3003 2023-04-27 09:58:59+00:00| confirmed|...
Exploit for Incorrect Authorization in Buddypress
CVE-2021-21389 BuddyPress 7.2.1 - REST API Privilege Esca...
CVE-2021-21389 BuddyPress privilege escalation via REST API
BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in...
CVE-2021-21389
BuddyPress (WordPress plugin) prior to 7.2.1 is affected by a REST API privilege-escalation vulnerability that can lead to remote code execution. A non-privileged user could exploit the REST API members endpoint (v1/members/me) to gain administrator rights. Affected versions are 5.0.0 through 7.2...