Activity Reactions For Buddypress, CVE-2022-45075

CVE, Research URL: CVE-2022-45075
Home page URL: Security reports for Activity Reactions For Buddypress
Application: Activity Reactions For Buddypress
Published on: -
Research Description: The Activity Reactions For Buddypress plugin for WordPress is vulnerable to missing authorization checks in versions up to, and including, 1.0.22 on the ai_front_smiley function. This makes it possible for subscriber-level to enable and disable reactions.
Affected versions: Min -, max 1.0.22.
Status: vulnerable