BuddyPress 14.2.1 Maintenance & Security release

The “Take Photo” feature (which uses the logged in user’s Webcam to capture their profile photo) was vulnerable to an authenticated (Subscriber+) directory traversal. Discovered by Domons from the Wordfence organization.

#buddypress #wordpress #plugin #foss #opensource #software #security #wordfence