PT-2025-43342 · Unknown · Buddypress

Asim Alshaya

·

Published

2025-10-22

·

Updated

2025-10-22

·

CVE-2025-62022

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions BuddyPress versions prior to 14.3.5
Description A missing authorization flaw exists in BuddyPress. The issue allows unauthorized access due to insufficient checks.
Recommendations Update BuddyPress to version 14.3.5 or later.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2025-62022

Affected Products

Buddypress