Unrated severityNVD Advisory· Published Jun 4, 2024· Updated Mar 27, 2025
BuddyBoss Platform < 2.6.0 - Insecure Direct Object Reference on Like Comment
CVE-2024-4750
Description
The buddyboss-platform WordPress plugin before 2.6.0 contains an IDOR vulnerability that allows a user to like a private post by manipulating the ID included in the request
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- WordPress/buddyboss-platformdescription
- Range: <2.6.0
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/ffbe4034-842b-43b0-97d1-208811376dea/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.