4 matches found
CVE-2025-1909
The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for...
CVE-2025-1909
creationtimestamp| type| source ---|---|--- 2025-05-05 20:20:12+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14984 2025-05-05 20:36:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3loh7uj3n3u2p 2026-05-26 14:12:37+00:00| seen|...
CVE-2025-1909
The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for...
CVE-2025-1909
The CVE describes an authentication bypass in the WordPress BuddyBoss Platform Pro plugin (WordPress). Affected versions: up to and including 2.7.01. Root cause: insufficient verification on the user supplied during the Apple OAuth authentication request, allowing unauthenticated attackers to log...