Vulnerabilities and security researches forlock-my-bp lock-my-bp

Jun 07, 2024

CVE, Research URL: 3d786983923babedd3ec896a3b0e25737c90b44f
Home page URL: Security reports for Wbcom Designs – Private Community for BuddyPress
Application: Wbcom Designs – Private Community for BuddyPress
Date: Apr 11, 2022
Research Description: Wbcom Designs – Private Community for BuddyPress [lock-my-bp] < 1.7.0 WordPress Wbcom Designs – Private Community for BuddyPress plugin <= 1.6.0 - Arbitrary Plugin Installation, Activation and Deactivation vulnerability Arbitrary Plugin Installation, Activation and Deactivation vulnerability discovered by Mary (JJ) Jay in WordPress Wbcom Designs – Private Community for BuddyPress plugin (versions <= 1.6.0).
Affected versions: max 1.7.0.
Status: vulnerable

Dec 12, 2025

CVE, Research URL: CVE-2025-67582
Home page URL: Security reports for Wbcom Designs – Private Community for BuddyPress
Application: Wbcom Designs – Private Community for BuddyPress
Date: Dec 09, 2025
Research Description: Missing Authorization vulnerability in wbcomdesigns Wbcom Designs lock-my-bp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wbcom Designs: from n/a through <= 2.1.1.
Affected versions: max 2.1.1.
Status: vulnerable