VYPR

Buddypress Members Only

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-31812MedApr 1, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tomas BuddyPress Members Only buddypress-members-only allows Stored XSS.This issue affects BuddyPress Members Only: from n/a through <= 3.5.3.

  • CVE-2024-0972MedJun 6, 2024
    risk 0.34cvss 5.3epss 0.00

    The BuddyPress Members Only plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.9 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's "All Other Sections On Your Site Will be…