HIGHVulnerability
Verified
Global

NVD HIGH: CVE-2026-5144 — The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalat...

·Source: NIST NVD

Updated:

Executive Summary

The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the `groupblog-blogid`, `default-member`, and `groupblog-silent-add` parameters from user input without proper authorization checks. The `groupblog-blogid` parameter allows any group admin (including Subscribers wh

Analysis

The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the `groupblog-blogid`, `default-member`, and `groupblog-silent-add` parameters from user input without proper authorization checks. The `groupblog-blogid` parameter allows any group admin (including Subscribers who create their own group) to associate their group with any blog on the Multisite network, including the main site (blog ID 1). The `default-member` parameter accepts any WordPress role, including `administrator`, without validation against a whitelist. When combined with `groupblog-silent-add`, any user who joins the attacker's group is automatically added to the targeted blog with the injected role. This makes it possible for authenticated attackers, with Subscriber-level access and above, to escalate any user (including themselves via a second account) to Administrator on the main site of the Multisite network. CVSS Score: 8.8. Published: 2026-04-11T02:16:02.633.

Indicators of Compromise (1)

CVE (1)
CVE-2026-5144
NVDMITRE CVE
Source Attribution

Originally published by NIST NVD on Apr 11, 2026. Verified by: NIST.

Related Threats

LOWVulnerability

Weekly Metasploit Update: New Kerberos/Certificate tracing options, and multiple new modules

New Tracing Options As hard as we try to ensure that Metasploit is bug free, issues inevitably come up. Whether you’re running a module on an op or writing a new one, what we can do is make the debugging experience easier. To that end one of our two Google Summer of Code (GSoC) projects is here to deliver. Building on the previous pattern of HttpTrace comes two new options KerberosTicketTrace and

Rapid7
MEDIUMVulnerability

Ozempic Drug Maker Loses Clinical Trial Data in Hack

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/ozempic-drug-maker-loses-clinical-trial-data-in-hack-image_small-6-a-31962.jpg" align=right hspace=4><b>Novo Nordisk Breach Involved 'Copying' of Patient, Healthcare Provider Info</b><br>A hack on Danish pharmaceutical manufacturer Novo Nordisk has compromised some patients' clinical trial information, the maker of popular weight

Bank Info Security
MEDIUMVulnerability

ISACA Survey: AI Adoption Is Rising, Visibility Is Not

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/isaca-survey-ai-adoption-rising-visibility-not-image_small-7-a-31960.jpg" align=right hspace=4><b>Governance Professionals Struggle to Measure ROI and Control AI Systems</b><br>AI is becoming embedded across the enterprise, yet many organizations still can't quantify its value or answer key questions about oversight and control. I

Bank Info Security