VYPR
Unrated severityOSV Advisory· Published Jun 27, 2025· Updated Jul 1, 2025

BuddyPress Docs < 2.2.5 - Subscriber+ Arbitrary Document Read/Update

CVE-2025-5526

Description

The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls and allows a logged in user to view and download files belonging to another user

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.