The contains an IDOR vulnerability that allows a user to comment on a private post by manipulating the ID included in the request
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/76e8591f-120c-4cd7-b9a2-79f8d4d98aa8/ | Exploit Third Party Advisory |
https://wpscan.com/vulnerability/76e8591f-120c-4cd7-b9a2-79f8d4d98aa8/ | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 09:43
Type | Values Removed | Values Added |
---|---|---|
References | () https://wpscan.com/vulnerability/76e8591f-120c-4cd7-b9a2-79f8d4d98aa8/ - Exploit, Third Party Advisory |
11 Jun 2024, 17:14
Type | Values Removed | Values Added |
---|---|---|
References | () https://wpscan.com/vulnerability/76e8591f-120c-4cd7-b9a2-79f8d4d98aa8/ - Exploit, Third Party Advisory | |
First Time |
Buddyboss
Buddyboss buddyboss Platform |
|
CWE | CWE-639 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.3 |
Summary |
|
|
CPE | cpe:2.3:a:buddyboss:buddyboss_platform:*:*:*:*:*:wordpress:*:* |
05 Jun 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-05 06:15
Updated : 2024-11-21 09:43
NVD link : CVE-2024-4886
Mitre link : CVE-2024-4886
CVE.ORG link : CVE-2024-4886
JSON object : View
Products Affected
buddyboss
- buddyboss_platform
CWE
CWE-639
Authorization Bypass Through User-Controlled Key