Unrated severityNVD Advisory· Published May 15, 2025· Updated Nov 13, 2025
BuddyBoss platform < 2.7.60 - Private Comment Exposure via IDOR
CVE-2024-12767
Description
The buddyboss-platform WordPress plugin before 2.7.60 lacks proper access controls and allows a logged-in user to view comments on private posts
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3(expand)+ 1 more
- (no CPE)
- (no CPE)
- Range: < 2.7.60
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/e8997f90-d8e9-4815-8808-aa0183443dae/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.