3 matches found
WordPress BuddyPress Docs plugin < 2.2.5 - Subscriber+ Arbitrary Document Read/Update vulnerability
Subscriber+ Arbitrary Document Read/Update vulnerability discovered by Terrence Bosco, Alexus Bosco, Andrew Risorto in WordPress Plugin BuddyPress Docs versions 2.2.5...
CVE-2025-5526
creationtimestamp| type| source ---|---|--- 2025-06-27 06:53:16+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19670 2025-06-27 10:43:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lslhh3aeju2v...
CVE-2025-5526 BuddyPress Docs < 2.2.5 - Subscriber+ Arbitrary Document Read/Update
The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls and allows a logged in user to view and download files belonging to another user...