CVE-2025-23798 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ElbowRobo Mass Messaging in BuddyPress mass-messaging-in-b…
High CVSS: 7.1

CVE-2025-23798

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ElbowRobo Mass Messaging in BuddyPress mass-messaging-in-buddypress allows Reflected XSS.This issue affects Mass Messaging in BuddyPress: from n/a through <= 2.2.1.
Vendor
Buddypress
Product
Buddypress
CWE
CWE-79
Yayın Tarihi
2025-01-22 15:15:23
Güncelleme
2026-04-23 15:24:32
Source Identifier
audit@patchstack.com
KEV Date Added
-

Kategoriler

CWE-79 Buddypress HIGH Buddypress 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/mass-messaging-in-buddypress/vulnerability/wordpress-mass-messaging-in-buddypress-plugin-2-2-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve