CVE-2025-1909 | BuddyBoss Platform Pro Plugin up to 2.7.01 on WordPress Apple OAuth Provider improper authentication

Inserito da Angelo Barbosa | Mag 5, 2025 | CVE

A vulnerability classified as critical has been found in BuddyBoss Platform Pro Plugin up to 2.7.01 on WordPress. Affected is an unknown function of the component Apple OAuth Provider. The manipulation leads to improper authentication.

This vulnerability is traded as CVE-2025-1909. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-1909 | BuddyBoss Platform Pro Plugin up to 2.7.01 on WordPress Apple OAuth Provider improper authentication

Post correlati

CVE-2024-33581 | Lenovo PC Manager AI intelligent Scenario prior 5.1.80.9023 uncontrolled search path

CVE-2024-12903 | Biamp Evoko Home Service up to 2.7.4 default permission

CVE-2024-2943 | Campcodes Online Examination System 1.0 deleteExamExe.php id sql injection

CVE-2023-44856 | Cobham SAILOR VSAT Ku 164B019 acu_web sub_21D24 rstat/sender/recipients cross site scripting