EPSS
Percentile
98.5%
The BuddyPress WordPress plugin, versions before 7.2.1, fixed a vulnerability that could allow a privilege escalation from a regular user to Administrator, using the BuddyPress REST API buddypress/v1/members/me endpoint.
buddypress.org/2021/03/buddypress-7-2-1-security-release/
codex.buddypress.org/releases/version-7-2-1/
github.com/buddypress/BuddyPress/security/advisories/GHSA-m6j4-8r7p-wpp3