CVE-2025-3793 — The Buddypress Force Password Change plugin for WordPress is vulnerable to authenticated account takeover due to the plugin not properly validating a user's identity prior to updating their passwo — CVE Database · The Intelligence Room