Medium
CVSS 4.3
Overview
The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls and allows a logged in user to view and download files belonging to another user
CVE-2025-5526
The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls a...
Risk analysis
This vulnerability is rated 🟡 MEDIUM.
- CVSS: 4.3 (MEDIUM)
- Detected tags: none (tag impact: LOW)
Recommended actions:
- Prioritize remediation based on business criticality and exposure.
- Limit exposure and increase monitoring until fixed.