MAJOR SECURITY BUGS AND DEVELOPERS NOWHERE TO BE FOUND!

  • Resolved Maxcom

    (@maxcom)


    2 years, 8 months ago

    This plugin is identified as having 2 relatively high risk vulnerabilities since Feb 28:

    – Sensitive Information Disclosure vulnerability
    – Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

    and the developers are apparently gone fishing as we are a week in since the vulnerabilities were disclosed and not a peep out of them.

    Dear BD Themes: are you going to wake up and address the problems or should we all jump ship? Kindly respond this year if you don’t mind.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Shahidul Islam

    (@bdkoder)

    Hello @maxcom ,
    Thank you for your support ticket.
    We don’t find this kind of issue right now with our latest version.
    Would you please describe to us a little bit more than where you got the issue?
    If you will help us to find out the issue, definitely we will fix it for you and for all.

    Thanks & Regards,
    Shahidul Islam

    Plugin Author bdthemes

    (@bdthemes)

    Hi, Thanks for your support ticket. We are sorry for that freemius SDK security incident but We already fixed that issue 2 weeks earlier make sure you update your plugin to the latest version (2.7.x).

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘MAJOR SECURITY BUGS AND DEVELOPERS NOWHERE TO BE FOUND!’ is closed to new replies.