Quantcast
Channel: BuddyPress.org
Viewing all articles
Browse latest Browse all 10

BuddyPress 9.1.1 Security and Maintenance Release

0
0

BuddyPress 9.1.1 is now available. This is a security and maintenance release. All BuddyPress installations are strongly encouraged to upgrade as soon as possible.

The 9.1.1 release addresses three security issues:

  • The activation key was included into the responses of the create_item method of BP REST API Signup controller. Discovered by Brajesh Singh.
  • An SQL Injection vulnerability was fixed in BP_Notifications_Notification::get_order_by_sql(). Discovered by David Cavins.
  • An SQL Injection vulnerability was fixed in BP_Invitation::get_order_by_sql(). Discovered by David Cavins.

These vulnerabilities were reported privately to the BuddyPress team, in accordance with WordPress’s security policies. Our thanks to the reporters for practicing coordinated disclosure.

BuddyPress 9.1.1 also fixes 3 bugs. For complete details, visit the 9.1.1 changelog.

You can get it clicking on the above button, downloading it from the WordPress.org plugin directory or checking it out from our Subversion repository.

If for a specific reason you can’t upgrade to 9.1.1, we also included the security fixes to our branches from 2.9 to 8.0. Here’s the list of the available downloads for the corresponding tags, you can also find on our WordPress.org Directory Advanced page:

  • If you are using BP 2.9.4 and can’t upgrade to 9.1.1, please upgrade to 2.9.5.1
  • If you are using BP 3.2.0 and can’t upgrade to 9.1.1, please upgrade to 3.2.1
  • If you are using BP 4.4.0 and can’t upgrade to 9.1.1, please upgrade to 4.4.1
  • If you are using BP 5.2.0 and can’t upgrade to 9.1.1, please upgrade to 5.2.1
  • If you are using BP 6.4.0 and can’t upgrade to 9.1.1, please upgrade to 6.4.2
  • If you are using BP 7.3.0 and can’t upgrade to 9.1.1, please upgrade to 7.3.2
  • If you are using BP 8.0.0 and can’t upgrade to 9.1.1, please upgrade to 8.0.2

Viewing all articles
Browse latest Browse all 10

Latest Images

Trending Articles





Latest Images