CVE-2021-21389

HIGH EXPLOITED NUCLEI LAB

BuddyPress 5.0.0-7.2.0 - Unauthenticated Privilege Escalation via REST API Members Endpoint

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2021-21389 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 2 public exploits from researchers including HoangKien1020, mynameSumin. A Nuclei detection template is also available.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2021-21389, demonstrating a privilege escalation vulnerability in BuddyPress (versions 5.0.0 to 7.2.0) via REST API manipulation, leading to RCE. The exploit registers a user, escalates privileges to administrator, and uploads a malicious plugin for command execution.

Description

BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitigate the issue.

Exploits (2)

nomisec WORKING POC 19 stars
by HoangKien1020 · remote
https://github.com/HoangKien1020/CVE-2021-21389

This repository contains a functional exploit for CVE-2021-21389, demonstrating a privilege escalation vulnerability in BuddyPress (versions 5.0.0 to 7.2.0) via REST API manipulation, leading to RCE. The exploit registers a user, escalates privileges to administrator, and uploads a malicious plugin for command execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: BuddyPress < 7.2.1
No auth needed
Prerequisites: BuddyPress REST API enabled · User registration enabled
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec WORKING POC
by mynameSumin · remote
https://github.com/mynameSumin/CVE-2021-21389

This repository contains a functional exploit for CVE-2021-21389, which targets a privilege escalation vulnerability in BuddyPress. The exploit registers a user, escalates privileges to administrator, and achieves RCE by uploading a malicious plugin.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: BuddyPress 6.3.0 (WordPress 4.7.1)
Auth required
Prerequisites: BuddyPress registration enabled · WordPress with BuddyPress plugin installed
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Nuclei Templates (1)

BuddyPress REST API <7.2.1 - Privilege Escalation/Remote Code Execution
HIGHby lotusdll

References (3)

Core 3
Core References
Release Notes, Vendor Advisory x_refsource_misc
https://buddypress.org/2021/03/buddypress-7-2-1-security-release/
Release Notes, Vendor Advisory x_refsource_misc
https://codex.buddypress.org/releases/version-7-2-1/

Scores

CVSS v3 8.1
EPSS 0.9330
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Lab Environment

COMMUNITY
Community Lab
docker pull hoangkien1020/lamp:multiphp

Details

VulnCheck KEV 2023-11-29
CWE
CWE-863
Status published
Products (2)
buddypress/buddypress 5.0.0 - 7.2.1
buddypress/buddypress 5.0.0 - 7.2.1Packagist
Published Mar 26, 2021
Tracked Since Feb 18, 2026