While working on my first BuddyPress installation, I noticed a serious security issue where members are directed to a non-secure page to change their password or email. The default page is an http page, allowing unencrypted information to pass over the net.
This is obviously an issue, especially for your membership who put their trust in you to keep their information secure. (more…)