CVE-2024-13858 | Buddyboss Platform Plugin up to 2.8.50 on WordPress invitee_name cross site scripting

Inserito da Angelo Barbosa | Mag 1, 2025 | CVE

A vulnerability classified as problematic was found in Buddyboss Platform Plugin up to 2.8.50 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation of the argument invitee_name leads to cross site scripting.

This vulnerability is known as CVE-2024-13858. The attack can be launched remotely. There is no exploit available.

CVE-2024-13858 | Buddyboss Platform Plugin up to 2.8.50 on WordPress invitee_name cross site scripting

Post correlati

CVE-2025-27144 | go-jose up to 4.0.4 allocation of resources (GHSA-c6gw-w398-hv78)

CVE-2024-11234 | PHP up to 8.1.30/8.2.25/8.3.13 Proxy request smuggling (GHSA-c5f2-jwm7-mmq2)

CVE-2023-37232 | Loftware Spectrum up to 4.6 Log information disclosure

CVE-2024-30799 | PX4 Autopilot up to 1.14 Breach Return Point Privilege Escalation (Issue 22428)