BuddyPress 14.2.1 is now available. This is a maintenance & security release. All BuddyPress installations should be updated as soon as possible. The 14.2.1 release addresses the following security issue: This vulnerability was reported privately to the BuddyPress team, in accordance with WordPress’s security policies. Our thanks to the reporter for practicing coordinated disclosure. 14.2.1 also […]
BuddyPress 14.2.1 Maintenance & Security release
Published on October 22nd, 2024 by Mathieu VietBuddyPress 12.5.1 Security Release
Published on June 10th, 2024 by Mathieu VietBuddyPress 12.5.1 is now available. This is a security release. All BuddyPress installations should be updated as soon as possible. The 12.5.1 release addresses the following security issue: This vulnerability was impacting BuddyPress branches from 9.0 to 12.0. It was reported privately to the BuddyPress team, in accordance with WordPress’s security policies. Our thanks to the […]
BuddyPress 12.4.1 Security Release
Published on May 1st, 2024 by Mathieu VietBuddyPress 12.4.1 is now available. This is a security release. All BuddyPress installations should be updated as soon as possible. The 12.4.1 release addresses the following security issue: This vulnerability was impacting BuddyPress branches from 9.0 to 12.0. It was reported privately to the BuddyPress team, in accordance with WordPress’s security policies. Our thanks to the […]
BuddyPress 11.3.2 Security Release
Published on October 17th, 2023 by Mathieu VietBuddyPress 11.3.2 is now available. This is a security release. All BuddyPress installations should be updated as soon as possible. The 11.3.2 release addresses the following security issue: This vulnerability was reported privately to the BuddyPress team, in accordance with WordPress’s security policies. Our thanks to the reporter for practicing coordinated disclosure. For complete details, visit […]
BuddyPress 11.3.1 Security & Maintenance release
Published on August 24th, 2023 by Mathieu VietBuddyPress 11.3.1 is now available. This is a security and maintenance release. All BuddyPress installations should be updated as soon as possible. The 11.3.1 release addresses the following security issue: This vulnerability was reported privately to the BuddyPress team, in accordance with WordPress’s security policies. Our thanks to the reporter for practicing coordinated disclosure. BuddyPress 11.3.1 […]
BuddyPress 9.1.1 Security and Maintenance Release
Published on August 18th, 2021 by Mathieu VietBuddyPress 9.1.1 is now available. This is a security and maintenance release. All BuddyPress installations are strongly encouraged to upgrade as soon as possible. The 9.1.1 release addresses three security issues: The activation key was included into the responses of the create_item method of BP REST API Signup controller. Discovered by Brajesh Singh. An SQL Injection […]
BuddyPress 7.3.0 Maintenance & Security Release
Published on April 14th, 2021 by Mathieu VietBuddyPress 7.3.0 is now available. This is a security and maintenance release. All BuddyPress installations are strongly encouraged to upgrade as soon as possible. The 7.3.0 release addresses four security issues: A vulnerability was fixed that could allow a member to create a group on behalf of another member via a REST API endpoint. A vulnerability […]
BuddyPress 7.2.1 Security Release
Published on March 16th, 2021 by Mathieu VietBuddyPress 7.2.1 is now available. This is a security release. All BuddyPress installations are strongly encouraged to upgrade as soon as possible. The 7.2.1 release addresses 5 security issues which were reported privately to the BuddyPress team by Kien Hoang, in accordance with WordPress’s security policies: A vulnerability was fixed that could allow a privilege escalation from […]
BuddyPress 6.4.0 Maintenance and Security Release
Published on November 27th, 2020 by Mathieu VietBuddyPress 6.4.0 is now available. This is a security and maintenance release. All BuddyPress installations are strongly encouraged to upgrade as soon as possible. The 6.4.0 release addresses one security issue: non-capable users could add a style attributes to “span” and “p” elements in possible rich text fields of their profile page. The vulnerability has been […]
BuddyPress 5.1.2 Security Release
Published on January 3rd, 2020 by Boone GorgesBuddyPress 5.1.2 is now available. This is a security release. All BuddyPress installations are strongly encouraged to upgrade as soon as possible. The 5.1.2 release addresses one security issue: Certain REST API requests could result in the exposure of private data. Discovered and reported independently by Petter Walbø Johnsgård and Jacek Suski. The vulnerability was […]