Vulnerabilities > Buddypress > Buddypress > 2.3.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-25 | CVE-2024-10011 | Path Traversal vulnerability in Buddypress The BuddyPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 14.1.0 via the id parameter. | 8.1 |
| 2023-12-29 | CVE-2023-50880 | Unspecified vulnerability in Buddypress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The BuddyPress Community BuddyPress allows Stored XSS.This issue affects BuddyPress: from n/a through 11.3.1. | 5.4 |