Does BP Groups CiviCRM Sync have any unpatched vulnerabilities?

No. All known vulnerabilities in BP Groups CiviCRM Sync have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is BP Groups CiviCRM Sync compatible with WordPress 6.8.5?

According to WordPress.org data, BP Groups CiviCRM Sync 0.5.5 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is BP Groups CiviCRM Sync compatible with PHP 7.4+?

BP Groups CiviCRM Sync requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is BP Groups CiviCRM Sync updated?

BP Groups CiviCRM Sync was last updated on Unknown. Frequent updates are generally a positive security signal.

What is BP Groups CiviCRM Sync's security score?

BP Groups CiviCRM Sync has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

BP Groups CiviCRM Sync Security & Risk Analysis

wordpress.org/plugins/bp-groups-civicrm-sync

Enables two-way synchronisation between BuddyPress groups and CiviCRM groups.

10 active installs v0.5.5 PHP 7.4+ WP 4.9+ Updated Unknown

buddypresscivicrmgroupssyncuser

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is BP Groups CiviCRM Sync Safe to Use in 2026?

Generally Safe

Score 100/100

BP Groups CiviCRM Sync has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The plugin 'bp-groups-civicrm-sync' v0.5.5 exhibits a strong security posture based on the provided static analysis and vulnerability history. The absence of any identified CVEs, coupled with the lack of critical or high-severity issues in taint analysis, indicates a generally well-maintained and secure codebase. The code signals further reinforce this, showing good practices such as a high percentage of SQL queries using prepared statements and properly escaped output. Nonce and capability checks are present, though the limited number of entry points and capability checks suggests a constrained functionality, which can be a security benefit.

However, the complete absence of AJAX handlers, REST API routes, shortcodes, and cron events, while minimizing the attack surface, also means there are no opportunities to assess authentication and authorization mechanisms for these common plugin interaction points. The static analysis did not uncover any specific exploitable code patterns or vulnerabilities. The clean vulnerability history is a significant positive indicator, suggesting that the developers have either not introduced vulnerabilities or have a strong patching process. Overall, the plugin appears to be low-risk, with its strengths lying in its minimal attack surface and apparent adherence to secure coding principles. The primary concern, if any, is the lack of readily apparent entry points to rigorously test for authorization bypasses, though the data doesn't explicitly point to such a weakness.

Vulnerabilities

None known

BP Groups CiviCRM Sync Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

BP Groups CiviCRM Sync Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

18 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

67% prepared3 total queries

Output Escaping

95% escaped19 total outputs

Attack Surface

BP Groups CiviCRM Sync Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 49

actionplugins_loadedbp-groups-civicrm-sync.php:108

filterplugin_action_linksbp-groups-civicrm-sync.php:224

filterbp_groups_civicrm_sync_default_settingsincludes\admin\class-admin-schedule.php:65

filterbpgcs/admin/upgrade_settingsincludes\admin\class-admin-schedule.php:66

actionbpgcs/admin/loadedincludes\admin\class-admin-schedule.php:69

filtercron_schedulesincludes\admin\class-admin-schedule.php:134

actionbpgcs/loadedincludes\admin\class-admin.php:107

actioninitincludes\admin\class-page-settings-base.php:253

actioninitincludes\admin\class-page-settings-base.php:254

actioninitincludes\admin\class-page-settings-base.php:255

actionadmin_menuincludes\admin\class-page-settings-base.php:277

actionbpgcs/buddypress/loadedincludes\buddypress\class-buddypress-group-member.php:63

actiongroups_member_before_saveincludes\buddypress\class-buddypress-group-member.php:121

actiongroups_member_after_saveincludes\buddypress\class-buddypress-group-member.php:122

actiongroups_member_before_removeincludes\buddypress\class-buddypress-group-member.php:125

actiongroups_member_after_removeincludes\buddypress\class-buddypress-group-member.php:126

actionbp_groups_member_before_deleteincludes\buddypress\class-buddypress-group-member.php:129

actionbp_groups_member_after_deleteincludes\buddypress\class-buddypress-group-member.php:130

actionbpgcs/buddypress/loadedincludes\buddypress\class-buddypress-group.php:54

actionbp_groups_admin_comment_row_actionsincludes\buddypress\class-buddypress-group.php:88

actionbp_groups_admin_meta_boxesincludes\buddypress\class-buddypress-group.php:91

actiongroups_create_groupincludes\buddypress\class-buddypress-group.php:118

actiongroups_details_updatedincludes\buddypress\class-buddypress-group.php:119

actiongroups_update_groupincludes\buddypress\class-buddypress-group.php:120

actiongroups_before_delete_groupincludes\buddypress\class-buddypress-group.php:121

actioncivicrm_admin_utilities_menu_topincludes\buddypress\class-buddypress-group.php:659

actionbpgcs/buddypress/loadedincludes\buddypress\class-buddypress-user.php:54

actioncivicrm_postincludes\buddypress\class-buddypress-user.php:182

actionuser_registerincludes\buddypress\class-buddypress-user.php:411

actionprofile_updateincludes\buddypress\class-buddypress-user.php:412

actionuser_registerincludes\buddypress\class-buddypress-user.php:417

actionprofile_updateincludes\buddypress\class-buddypress-user.php:418

actionbpgcs/loadedincludes\buddypress\class-buddypress.php:83

actionbp_setup_globalsincludes\buddypress\class-buddypress.php:99

actionbpgcs/civicrm/loadedincludes\civicrm\class-civicrm-acl.php:54

actionbpgcs/civicrm/loadedincludes\civicrm\class-civicrm-contact.php:54

actionbpgcs/civicrm/loadedincludes\civicrm\class-civicrm-group-admin.php:57

actioncivicrm_configincludes\civicrm\class-civicrm-group-admin.php:88

actioncivicrm_buildFormincludes\civicrm\class-civicrm-group-admin.php:99

actioncivicrm_postProcessincludes\civicrm\class-civicrm-group-admin.php:102

actionbpgcs/civicrm/loadedincludes\civicrm\class-civicrm-group-contact.php:54

actioncivicrm_preincludes\civicrm\class-civicrm-group-contact.php:85

actioncivicrm_preincludes\civicrm\class-civicrm-group-contact.php:86

actioncivicrm_preincludes\civicrm\class-civicrm-group-contact.php:87

actionbpgcs/civicrm/loadedincludes\civicrm\class-civicrm-group-meta.php:63

actionbpgcs/civicrm/loadedincludes\civicrm\class-civicrm-group-nesting.php:54

actionbpgcs/civicrm/loadedincludes\civicrm\class-civicrm-group.php:80

actioncivicrm_permission_checkincludes\civicrm\class-civicrm-group.php:1317

actionbpgcs/loadedincludes\civicrm\class-civicrm.php:126

Maintenance & Trust

BP Groups CiviCRM Sync Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedUnknown

PHP min version7.4

Downloads5K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

BP Groups CiviCRM Sync Alternatives

CiviCRM Profile Sync

civicrm-wp-profile-sync

100

Keeps a WordPress User profile in sync with a CiviCRM Contact and integrates WordPress and CiviCRM Entities when using Advanced Custom Fields.

500 No CVEs

BuddyPress Default Data

bp-default-data

Plugin will create lots of users, messages, friends connections, groups, topics, activity items, profile data - useful for testing purpose.

400 No CVEs

BP Profile Search

bp-profile-search

Member search and member directories for BuddyPress and the BuddyBoss Platform.

6K 3 CVEs

Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress

youzify

The best BuddyPress plugin for building online communities, user profile, social networks, and membership sites on WordPress with tons of features.

6K 1 unpatched

Registration Options for BuddyPress

bp-registration-options

Moderate new BuddyPress members and fight BuddyPress spam.

1K No CVEs

Developer Profile

BP Groups CiviCRM Sync Developer Profile

Christian Wach

8 plugins · 2K total installs

trust score

Avg Security Score

94/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect BP Groups CiviCRM Sync

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bp-groups-civicrm-sync/assets/css/backend.css/wp-content/plugins/bp-groups-civicrm-sync/assets/js/backend.js/wp-content/plugins/bp-groups-civicrm-sync/assets/css/frontend.css/wp-content/plugins/bp-groups-civicrm-sync/assets/js/frontend.js

Script Paths

/wp-content/plugins/bp-groups-civicrm-sync/assets/js/backend.js/wp-content/plugins/bp-groups-civicrm-sync/assets/js/frontend.js

Version Parameters

bp-groups-civicrm-sync/assets/css/backend.css?ver=bp-groups-civicrm-sync/assets/js/backend.js?ver=bp-groups-civicrm-sync/assets/css/frontend.css?ver=bp-groups-civicrm-sync/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

bpgcs-admin-settings-page

Data Attributes

data-bpgcs-group-iddata-bpgcs-civicrm-id

JS Globals

bp_groups_civicrm_sync_params

FAQ