Skip to:

Opened 11 years ago

Closed 11 years ago

#4888 closed defect (bug) (no action required)

Security Risk: Insecurity of private groups

Reported by: douglance's profile douglance Owned by:
Milestone: Priority: normal
Severity: critical Version: 1.7
Component: Groups Keywords:


An anonymous person has hacked into my private groups.

The content in these groups is sensitive information.

I need a stronger form of security for my groups.

BP should notify users that private groups are not, in fact, private.

Also, if you can please alert me to known hacks and solutions for those hacks. It is greatly appreciated.

Change History (1)

#1 @boonebgorges
11 years ago

  • Keywords needs-patch needs-testing removed
  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed

There are no known vulnerabilities in BuddyPress.

If you've experienced a problem where someone has gained access to a password or otherwise gotten means to enter your system, then that's not a BP bug. Please head over to and post specific details about the nature of the problem and someone there may be able to help you.

If it turns out that you have identified an actual, reproducible BP bug, please reopen this ticket with all the details relevant for the developers to troubleshoot.

Note: See TracTickets for help on using tickets.