Description
WordPress Plugin WooCommerce BuddyPress Integration is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently perform a variety of the plugin's actions or even take over a website. WordPress Plugin WooCommerce BuddyPress Integration version 3.2.5 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.2.6 or latest
References
Related Vulnerabilities
OpenSSL Out-of-bounds Write Vulnerability (CVE-2016-2182)
WordPress Plugin Anti Spam Protection without CAPTCHA powered by Keypic Security Bypass (2.1.2)
MySQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-7247)