Plugin disappears from repo as vulnerability is revealed?
-
Hi,
Is there any rules about triaging security vulnerabilities in plugins?I was a fan of Form Lightbox {DEAD LINK}, a simple plugin that let you embed a form in a lightbox.
There’s a giant security hole in the plugin. I’ve had 4 sites exploited using it. A simple google search reveals a number of others that have been bitten.
If www.remarpro.com pull the plugin , and the author fails to patch it, and make it available again, can someone else step up, take it over and issue a patch?
Otherwise, those affected are left high and dry (until they find out how their sites are being pwned, by other means).
Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
- The topic ‘Plugin disappears from repo as vulnerability is revealed?’ is closed to new replies.