Security error

Hi,

There’s a security updates, You need to update to the latest version 1.3.3.

Glen

Here also multiple website hacked with Adwords campaignes ect.

Author should be pro-active preventing these kind of vulnerabilities or re-checking his code.

I suggest looking for other plugins.

You should inform your users that the plugin is hacked instead of waving it away by saying to update the plugin. This should not be happening in the first place.

• This reply was modified 4 years, 7 months ago by diondetovenaar.

@diondetovenaar , this plugin is still being maintained.

The plugin was not hacked it was just a Security Breach, we cannot prevent this to happen there are lots of people out there better than the author.

I have already solved 3 hacked websites in a few days
They access through your plugin and delete the wp-config or modify it

I think you are not aware of gravity, I understand that as the creator of a plugin you cannot take charge of these actions (It is normal)
But please INFORM users, more detail in the changelog “SECURITY UPDATES” is not a detailed change history. Thank you

Yeah I know that, I’m sorry I did not intent for that to happen.

I’m just working this alone without any contributor I hope that you understand.

Also I specified on version 1.3.3 about updates.

1.3.3
* SECURITY UPDATES ( issues reported by : Robert L Mathews )
* The issues inside dnd_codedropz_upload_delete function, that will execute any POST remotely.

Hello,
Thank you for your plugin.
This is very scaring…I understand your time limit problem, but for your plugin it is fundamental that it is secure otherwise it can damage the site or more!
Good luck
Patrice