Buddypress : Security Vulnerabilities, CVEs, (Gain Privilege)
In BuddyPress before 5.1.2, requests to a certain REST API endpoint can result in private user data getting exposed. Authentication is not needed. This has been patched in version 5.1.2.
Max CVSS
8.0
EPSS Score
0.22%
Published
2020-02-24
Updated
2020-02-25
1 vulnerabilities found