Mercime

1 exploit Active since Feb 2020
CVE-2020-5244 WRITEUP HIGH WRITEUP
BuddyPress < 5.1.2 - Unauthenticated Private User Data Exposure via REST API Endpoint
In BuddyPress before 5.1.2, requests to a certain REST API endpoint can result in private user data getting exposed. Authentication is not needed. This has been patched in version 5.1.2.
CVSS 8.0