Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin BuddyPress Multiple Security Bypass Vulnerabilities - CVE-2021-21389 - Vulnerability Database
WP Plugin Buddypress

WordPress Plugin BuddyPress Multiple Security Bypass Vulnerabilities - CVE-2021-21389

High
Reference: CVE-2021-21389
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-21389
Title: WordPress Plugin BuddyPress Multiple Security Bypass Vulnerabilities
Overview:

WordPress Plugin BuddyPress is prone to multiple security bypass vulnerabilities. Exploiting these issues may allow attackers to perform otherwise restricted actions and subsequently elevate their privileges to Administrator role read private messages add/edit/delete BuddyPress Member Types from the Administration screens or more. WordPress Plugin BuddyPress version 7.2.0 is vulnerable prior versions may also be affected.