[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fluvdvJ4k8_hPc5gtzgjkMD1XyaKaPcWevmImLv3VhI0":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20,"patch_diff_files":21,"patch_trac_url":9,"research_status":9,"research_verified":22,"research_rounds_completed":23,"research_plan":9,"research_summary":9,"research_vulnerable_code":9,"research_fix_diff":9,"research_exploit_outline":9,"research_model_used":9,"research_started_at":9,"research_completed_at":9,"research_error":9,"poc_status":9,"poc_video_id":9,"poc_summary":9,"poc_steps":9,"poc_tested_at":9,"poc_wp_version":9,"poc_php_version":9,"poc_playwright_script":9,"poc_exploit_code":9,"poc_has_trace":22,"poc_model_used":9,"poc_verification_depth":9,"poc_exploit_code_gated":22,"source_links":24},"WF-15b4b132-1e27-454d-9ba0-9d1a552e1844-buddypress","buddypress-missing-authorization-to-group-creation","BuddyPress \u003C= 7.2.1 - Missing Authorization to Group Creation","The BuddyPress plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 7.2.1. This is due to missing authorization validation on the group membership REST-API Endpoint. This makes it possible for authenticated attackers to create new groups on behalf of another user.","buddypress",null,"\u003C=7.2.1","7.3.0","medium",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","Incorrect Authorization","2021-04-14 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F15b4b132-1e27-454d-9ba0-9d1a552e1844?source=api-prod",1014,[],false,0,{"type":25,"vulnerable_version":26,"fixed_version":9,"vulnerable_browse":27,"vulnerable_zip":28,"fixed_browse":9,"fixed_zip":9,"all_tags":29},"plugin","2.7.4","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fbuddypress\u002Ftags\u002F2.7.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress.2.7.4.zip","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fbuddypress\u002Ftags"]