Security Alert – 4/14/15 – BuddyPress Plugin for WordPress

Issue: BuddyPress has released a security update (version 2.2.2). They are recommending to update to this latest version.
Status: Update has been released.
Who is impacted? Websites running the WP REST API Plugin for WordPress.

Why was this update released?

BuddyPress version 2.2.2 was released to address two potential security issues and has a few bug fixes. Specifically:

  1. Activity: sanitize output of “Load More” link
  2. Members: better nonce check on members widget
  3. Core: improve filtering of wp_title

You can read the official announcement at the BuddyPress blog.

What should I do?

The BuddyPress Team advises all users of their plugin to update the WordPress plugin to the latest version.

Leave a Reply