CVE-2025-24538

Name of the Vulnerable Software and Affected Versions slaFFik BuddyPress Groups Extras versions 3.6.10 and earlier

Description The issue is related to a Cross-Site Request Forgery (CSRF) problem, which allows an attacker to perform unauthorized actions on a user's account. This is a type of attack where an attacker tricks a user into performing an unintended action on a web application that the user is authenticated to.

Recommendations For versions 3.6.10 and earlier, update to a version later than 3.6.10 to resolve the issue. As a temporary workaround, consider implementing additional validation for requests to prevent unauthorized actions.