Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.11 views

PT-2026-45066

Name of the Vulnerable Software and Affected Versions praisonai-platform affected versions not specified Description A vertical privilege escalation exists where a user with the lowest privilege level can promote themselves to a workspace owner. The issue occurs because the PATCH...

9.6CVSS5.8AI score0.00032EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/04/13 7:23 p.m.4 views

CVE-2026-5144

The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the groupblog-blogid, default-member, and groupblog-silent-add parameters from user input without proper...

8.8CVSS5.6AI score0.00406EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/11 1:24 a.m.2 views

CVE-2026-5144 BuddyPress Groupblog <= 1.9.3 - Authenticated (Subscriber+) Privilege Escalation to Administrator via Group Blog IDOR

The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the groupblog-blogid, default-member, and groupblog-silent-add parameters from user input without proper...

8.8CVSS5.6AI score0.00406EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/04/11 1:24 a.m.3 views

CVE-2026-5144

The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the groupblog-blogid, default-member, and groupblog-silent-add parameters from user input without proper...

8.8CVSS5.6AI score0.00406EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/04/11 12:0 a.m.3 views

PT-2026-32089

The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the groupblog-blogid, default-member, and groupblog-silent-add parameters from user input without proper...

8.8CVSS5.6AI score0.00406EPSS
Exploits0References9
Rows per page
Query Builder