cleantalk
Vulnerabilities and Security Researches

Activity Plus Reloaded for BuddyPress, CVE-2025-30957

CVE, Research URL

CVE-2025-30957

Home page URL

Security reports for Activity Plus Reloaded for BuddyPress

Application

Activity Plus Reloaded for BuddyPress

Published on
Jun 06, 2025
Research Description
Missing Authorization vulnerability in BuddyDev Activity Plus Reloaded for BuddyPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Activity Plus Reloaded for BuddyPress: from n/a through 1.1.2.
Affected versions
Min -, max 1.1.2.
Status
vulnerable
Previous vulnerability researches
Astra Widgets (CVE-2024-56274) , Jan 07, 2025
Astra Widgets , Jul 24, 2024
Astra Widgets (CVE-2024-50439) , Oct 27, 2024
New vulnerability
WordPress Infinite Scroll – Ajax Load More (CVE-2025-4775) , Jun 18, 2025
PostaPanduri (CVE-2025-49452) , Jun 18, 2025
Ivory Search – WordPress Search Plugin (CVE-2025-5209) , Jun 18, 2025
Drag and Drop Multiple File Upload – Contact Form 7 (CVE-2025-3515) , Jun 18, 2025
Poll, Survey & Quiz Maker Plugin by Opinion Stage (CVE-2025-3880) , Jun 18, 2025