The BuddyPress plugin for WordPress is vulnerable to a security issue, which allows people who have been recently demoted to modify the groups that they originally created. This vulnerability affects versions 7.0.0 up to and including 7.2.1 of the plugin, because it does not properly check if someone is allowed to make changes.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
