A vulnerability, which was classified as problematic, has been found in bouncingsprout Block, Suspend, Report for BuddyPress Plugin up to 3.6.4. This issue affects some unknown processing of the component Link Parameter Handler. This manipulation of the argument Link causes cross site scripting.
This vulnerability is handled as CVE-2026-4653. The attack can be initiated remotely. There is not any exploit available.