CVE-2024-13859 | Buddyboss Platform Plugin up to 2.8.50 on WordPress bp_nouveau_ajax_media_save cross site scripting

Inserito da Angelo Barbosa | Mag 1, 2025 | CVE

A vulnerability, which was classified as problematic, was found in Buddyboss Platform Plugin up to 2.8.50 on WordPress. This affects the function bp_nouveau_ajax_media_save. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-13859. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-13859 | Buddyboss Platform Plugin up to 2.8.50 on WordPress bp_nouveau_ajax_media_save cross site scripting

Post correlati

CVE-2024-32542 | Organic Themes Bulk Block Converter Plugin up to 1.0.1 on WordPress cross site scripting

CVE-2024-32089 | Supsystic Digital Publications Plugin up to 1.7.7 on WordPress cross-site request forgery

CVE-2024-7323 | Digiwin EasyFlow .NET 5.x/6.1.x/6.6.x absolute path traversal

CVE-2025-0497 | Rockwell Automation FactoryTalk AssetCentre prior 15.00.001 EventLogAttachmentExtractor insufficiently protected credentials