Hi @dag-persson
I reached Patchstack on 22 of december but didn’t get a reply yet.
I wasn’t contacted like stated in their site and the description of the issue is very generic.
They say that is necessay administrator privileges so it won’t be easy to explore whatever issue they found.
I’m a bit sad about the process, they just created panic without providing further info or time for me to fix something that at the moment I don’t know what it is and how to replicate it.
Hi, and thanks for your reply. It’s supposed to be Christmas time, but WordPress doesn’t stop. Let’s hope you can find the “bug” and we’ll have an update soon. Keep up the Good Spirit!
Dag
I was wondering the same thing. Will there be an update soon or should I go with another plugin?
Thank you!
Considering that the author, @takanakui, is answering us, I would say that as soon as he succeeds there will be an update and we have nothing to fear.
We look forward to it!
Happy holidays and good work!
Thanks @staipa , happy holidays
@ma3ry I’m still waiting for someone from Patchstack to reach out, since I don’t know what specific part of the code may be insecure.
Like I said it is necessary administrator privilieges to possible explore the vulnerability, but if you don’t feel safe with it um can deactivate it for a while or explore a new plugin.
I just got the details of the vulnerability and will provide a fix in the next 24hours.
Many thanks for the update. I appreciate your response. Thank you.
AWESOME!!!! Many thanks!!!
Nice! Just give us a hint, so we can activate again.
Take care, and keep up the fight; some day there will be peace on earth and human lives in harmony with the nature.
/Dag, at the book company @fripress in Sweden
Hi @dag-persson , @ma3ry and @staipa
I just released the version 3.11 that fixes this issue. give it a try.
I submitted the changes to Patchstack so it will be necessary to wait for their review so that the status can change to patched.
The situation was sorted. Will close the topic.
Hello again, Rui! You did a great job, made a useful plugin and solved problems that arose. It is good that there are security companies and web hosts that find risks and warn users and developers, while we must be aware that they also strive to make more income.
Is it possible to see the phenomenon as a metaphor for ordinary life? That criminals – big and small – are colluding with those who call for stricter punishments, more guns and a less free society?
Thanks for a great plugin! Close the topic!
/Dag
