BuddyPress 4.2.0 is now available. This is a security and maintenance release. All BuddyPress installations are strongly encouraged to upgrade as soon as possible.
The 4.2.0 release addresses two security issues:
These vulnerabilities were reported privately to the BuddyPress team, in accordance with WordPress’s security policies. Our thanks to the reporters for practicing coordinated disclosure.
BuddyPress 4.2.0 also fixes 4 bugs. For complete details, visit the 4.2.0 changelog.