Faris Krivić

#28679of 53,633
8.8Total CVSS
Vulnerabilities · 2
Low
1
Medium
1
PT-2025-21442
3.5
2025-05-15
WordPress · Buddyboss Platform · CVE-2024-12767
Name of the Vulnerable Software and Affected Versions: buddyboss-platform versions prior to 2.7.60 Description: The issue is related to improper access controls in the buddyboss-platform WordPress plugin, allowing a logged-in user to view comments on private posts. Recommendations: For versions prior to 2.7.60, update to version 2.7.60 or later to resolve the issue.
PT-2024-32635
5.3
2024-06-03
WordPress · Buddyboss Platform · CVE-2024-4750
**Name of the Vulnerable Software and Affected Versions** buddyboss-platform WordPress plugin versions prior to 2.6.0 **Description** The issue allows a user to like a private post by manipulating the ID included in the request. This is due to an IDOR vulnerability. **Recommendations** For versions prior to 2.6.0, update to version 2.6.0 or later to resolve the issue.