Vulnerabilities > Buddypress > Buddypress > 1.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-25 | CVE-2024-10011 | Path Traversal vulnerability in Buddypress The BuddyPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 14.1.0 via the id parameter. | 8.1 |
| 2023-12-29 | CVE-2023-50880 | Unspecified vulnerability in Buddypress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The BuddyPress Community BuddyPress allows Stored XSS.This issue affects BuddyPress: from n/a through 11.3.1. | 5.4 |
| 2018-04-10 | CVE-2014-1889 | Permissions, Privileges, and Access Controls vulnerability in Buddypress The Group creation process in the Buddypress plugin before 1.9.2 for WordPress allows remote authenticated users to gain control of arbitrary groups by leveraging a missing permissions check. | 6.5 |
| 2017-03-17 | CVE-2017-6954 | Improper Privilege Management vulnerability in Buddypress An issue was discovered in includes/component.php in the BuddyPress Docs plugin before 1.9.3 for WordPress. | 4.3 |