CVE-2026-5144: CWE-269 Improper Privilege Management in boonebgorges BuddyPress Groupblog
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the `groupblog-blogid`, `default-member`, and `groupblog-silent-add` parameters from user input without proper authorization checks. The `groupblog-blogid` parameter allows any group admin (including Subscribers who create their own group) to associate their group with any blog on the Multisite network, including the main site (blog ID 1). The `default-member` parameter accepts any WordPress role, including `administrator`, without validation against a whitelist. When combined with `groupblog-silent-add`, any user who joins the attacker's group is automatically added to the targeted blog with the injected role. This makes it possible for authenticated attackers, with Subscriber-level access and above, to escalate any user (including themselves via a second account) to Administrator on the main site of the Multisite network.
AI Analysis
Technical Summary
CVE-2026-5144 is a privilege escalation vulnerability in the BuddyPress Groupblog WordPress plugin affecting all versions up to 1.9.3. The vulnerability arises because the group blog settings handler accepts user-supplied parameters ('groupblog-blogid', 'default-member', and 'groupblog-silent-add') without proper authorization validation. This allows any group admin, including Subscribers who create groups, to link their group to any blog in a WordPress Multisite network, including the main site (blog ID 1). The 'default-member' parameter can be set to any WordPress role, including 'administrator', without whitelist validation. Combined with 'groupblog-silent-add', this results in automatic addition of users joining the attacker's group to the targeted blog with elevated privileges. Consequently, an authenticated user can escalate privileges to Administrator on the main site.
Potential Impact
An authenticated user with Subscriber-level access or higher can escalate privileges to Administrator on the main site of a WordPress Multisite network by exploiting this vulnerability. This compromises the confidentiality, integrity, and availability of the affected WordPress installation, allowing full control over the main site and potentially all sites within the network.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict group creation and administration privileges to trusted users only, and monitor for suspicious group associations or role assignments. Avoid allowing Subscriber-level users to create groups or manage group blog settings. Review and harden WordPress Multisite permissions and consider disabling the BuddyPress Groupblog plugin if not essential.
CVE-2026-5144: CWE-269 Improper Privilege Management in boonebgorges BuddyPress Groupblog
Description
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the `groupblog-blogid`, `default-member`, and `groupblog-silent-add` parameters from user input without proper authorization checks. The `groupblog-blogid` parameter allows any group admin (including Subscribers who create their own group) to associate their group with any blog on the Multisite network, including the main site (blog ID 1). The `default-member` parameter accepts any WordPress role, including `administrator`, without validation against a whitelist. When combined with `groupblog-silent-add`, any user who joins the attacker's group is automatically added to the targeted blog with the injected role. This makes it possible for authenticated attackers, with Subscriber-level access and above, to escalate any user (including themselves via a second account) to Administrator on the main site of the Multisite network.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-5144 is a privilege escalation vulnerability in the BuddyPress Groupblog WordPress plugin affecting all versions up to 1.9.3. The vulnerability arises because the group blog settings handler accepts user-supplied parameters ('groupblog-blogid', 'default-member', and 'groupblog-silent-add') without proper authorization validation. This allows any group admin, including Subscribers who create groups, to link their group to any blog in a WordPress Multisite network, including the main site (blog ID 1). The 'default-member' parameter can be set to any WordPress role, including 'administrator', without whitelist validation. Combined with 'groupblog-silent-add', this results in automatic addition of users joining the attacker's group to the targeted blog with elevated privileges. Consequently, an authenticated user can escalate privileges to Administrator on the main site.
Potential Impact
An authenticated user with Subscriber-level access or higher can escalate privileges to Administrator on the main site of a WordPress Multisite network by exploiting this vulnerability. This compromises the confidentiality, integrity, and availability of the affected WordPress installation, allowing full control over the main site and potentially all sites within the network.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict group creation and administration privileges to trusted users only, and monitor for suspicious group associations or role assignments. Avoid allowing Subscriber-level users to create groups or manage group blog settings. Review and harden WordPress Multisite permissions and consider disabling the BuddyPress Groupblog plugin if not essential.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- Wordfence
- Date Reserved
- 2026-03-30T12:34:55.212Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69d9a5741cc7ad14da144131
Added to database: 4/11/2026, 1:35:48 AM
Last enriched: 4/18/2026, 2:38:10 PM
Last updated: 5/26/2026, 7:57:12 AM
Views: 128
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.