A vulnerability, which was classified as problematic, was found in Buddyboss Platform Plugin up to 2.8.50 on WordPress. This affects the function bp_nouveau_ajax_media_save. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-13859. It is possible to initiate the attack remotely. There is no exploit available.