Security Advisory

CVE-2025-31812

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-01 14:51:41
Last updated 2026-04-28 16:12:13
Assigner Patchstack
State PUBLISHED

Description

Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability in Tomas BuddyPress Members Only buddypress-members-only allows Stored XSS.This issue affects BuddyPress Members Only: from n/a through <= 3.5.3.