bbPress 2.5.5 Released, Patches Three Potential Security Vulnerabilities

bbpress

bbPress 2.5.5 is available for download. This release fixes three potential security vulnerabilities reported by J.D. Grimes and was pushed out within nearly 24 hours of being notified. Users should update as soon as possible as all previous 2.x versions are vulnerable. The patches have also been applied to the 2.6 development branch that will soon have a beta release.

5 Comments


      1. More informative details are in plugin changelog. New users don’t need such info (because they won’t be effected in any way). Old users will get more precise and concrete information in their WordPress admin panel. Not sure that they check WPTavern more often, that own sites.
        IMO, of course :)

        Report


      2. Not all users have access to update their plugins. Announcements like this one on WPTavern are crucial for developers to know that there’s an issue so that they can update client sites and to share the word with others. For example, I just upgraded my cousin’s bbPress plugin on his site because he doesn’t have access to do so. Without this post, I wouldn’t even have known that there was an issue because I don’t personally use bbPress.

        A lot of people don’t upgrade every single time either. Spreading this info may help get the info onto their radar that they need to upgrade.

        There are many people in situations where posts like these are extremely helpful.

        Report


    1. Many of us built sites for customers. We may no longer maintain those sites, and never visit the admin panels of any sites using affected plugins. Posts like this alert us that we should inform our old customers to upgrade.

      Report

Comments are closed.