VYPR
Medium severity6.5NVD Advisory· Published Apr 10, 2018· Updated Jun 17, 2026

CVE-2014-1889

CVE-2014-1889

Description

The Group creation process in the Buddypress plugin before 1.9.2 for WordPress allows remote authenticated users to gain control of arbitrary groups by leveraging a missing permissions check.

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.