Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Unknown | buddyboss-platform | unaffected |
|
No data.
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2025-15319 | The buddyboss-platform WordPress plugin before 2.7.60 lacks proper access controls and allows a logged-in user to view comments on private posts |
Fri, 14 Nov 2025 09:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
cvssV3_1
|
Tue, 10 Jun 2025 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Buddyboss
Buddyboss buddyboss Platform |
|
| Weaknesses | CWE-639 | |
| CPEs | cpe:2.3:a:buddyboss:buddyboss_platform:*:*:*:*:*:wordpress:*:* | |
| Vendors & Products |
Buddyboss
Buddyboss buddyboss Platform |
Fri, 16 May 2025 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Thu, 15 May 2025 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The buddyboss-platform WordPress plugin before 2.7.60 lacks proper access controls and allows a logged-in user to view comments on private posts | |
| Title | BuddyBoss platform < 2.7.60 - Private Comment Exposure via IDOR | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: WPScan
Published:
Updated: 2025-11-13T21:06:51.959Z
Reserved: 2024-12-18T19:26:21.365Z
Link: CVE-2024-12767
Vulnrichment
Updated: 2025-05-16T16:35:07.155Z
NVD
Status : Modified
Published: 2025-05-15T20:15:37.193
Modified: 2025-11-13T21:15:46.960
Link: CVE-2024-12767
Redhat
No data.
OpenCVE Enrichment
No data.