BuddyPress 5.1.2 is now available. This is a security release. All BuddyPress installations are strongly encouraged to upgrade as soon as possible.
The 5.1.2 release addresses one security issue:
- Certain REST API requests could result in the exposure of private data. Discovered and reported independently by Petter Walbø Johnsgård and Jacek Suski.
The vulnerability was reported privately to the BuddyPress team, in accordance with WordPress’s security policies. Our thanks to the reporters for practicing coordinated disclosure.
For complete details, visit the 5.1.2 changelog.
Update to BuddyPress 5.1.2 today in your WordPress Dashboard, or by downloading from the WordPress.org plugin repository.
[…] Hi everyone, we’ve just published a new security release. Please upgrade as soon as possible: https://buddypress.org/2020/01/buddypress-5-1-2/ […]
I have a free wordpress.com, notice it in my dashboard should I still install it, if I have a free wordpress.com site?