CVE-2025-1909 | BuddyBoss Platform Pro Plugin up to 2.7.01 on WordPress Apple OAuth Provider improper authentication

Inserito da Angelo Barbosa | Mag 5, 2025 | CVE

A vulnerability classified as critical has been found in BuddyBoss Platform Pro Plugin up to 2.7.01 on WordPress. Affected is an unknown function of the component Apple OAuth Provider. The manipulation leads to improper authentication.

This vulnerability is traded as CVE-2025-1909. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-1909 | BuddyBoss Platform Pro Plugin up to 2.7.01 on WordPress Apple OAuth Provider improper authentication

Post correlati

CVE-2024-5042 | submariner-operator RBAC permission

CVE-2024-38526 | mitmproxy pdoc up to 14.5.0 polyfill.io vulnerable third-party component (GHSA-5vgj-ggm4-fg62)

CVE-2024-21490 | angular 1.3.0 ng-srcset Directive redos (SNYK-JS-ANGULAR-6091113)

CVE-2024-37665 | Wvp GB28181 Pro 2.0 HTTP POST Request access control