WordPress Plugin BuddyPress is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions. WordPress Plugin BuddyPress version 2.3.4 is vulnerable; prior versions are also affected.
Update to plugin version 2.3.5, 2.0.4, 2.1.2, 2.2.4 or latest
WordPress Plugin Simple Ads Manager Denial of Service (184.108.40.206)
WordPress Plugin WooCommerce Cross-Site Scripting (3.5.4)
WordPress Plugin Ultimate Addons for Visual Composer Multiple Vulnerabilities (3.16.10)
WordPress Plugin ReFlex Gallery 'php.php' Arbitrary File Upload (1.4.6)