Buddyboss Platform

BuddyBoss

Developer

N/A

Latest version

N/A

Installations

N/A

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

8 patched

5 Mitigation rules

Subscriber+ Comment on Private Post via IDOR vulnerability
< 2.6.0
30/01/2026
Authenticated (Subscriber+) Stored Cross-Site Scripting via 'bbp_topic_title' vulnerability
<= 2.8.50
31/12/2025
Authenticated (Subscriber+) Stored Cross-Site Scripting via 'bp_nouveau_ajax_media_save' function vulnerability
<= 2.8.50
31/12/2025
Private Comment Exposure via IDOR vulnerability
< 2.7.60
19/05/2025
Authenticated (Subscriber+) Stored Cross-Site Scripting via 'invitee_name' vulnerability
<= 2.8.50
01/05/2025
Authenticated (Subscriber+) Stored Cross-Site Scripting via 'link_title' vulnerability
<= 2.7.70
27/02/2025
Insecure Direct Object Reference on Like Comment vulnerability
< 2.6.0
04/06/2024
SQL Injection (SQLi) vulnerability
<= 1.7.8
16/09/2021