Viewing 8 replies - 1 through 8 (of 8 total)
  • sus

    (@susgeek)

    Thank you Jon and WP team!

    Moderator Samuel Wood (Otto)

    (@otto42)

    www.remarpro.com Admin

    For those who don’t read the changes:

    I removed the additional malicious code, bumped the version, and removed the existing committers to the plugin. Currently, only the plugins team (mainly, me) can change this plugins code.

    If you accidentally updated to the 0.9.8.7 or 0.9.8.8 versions, then immediately upgrade to 0.9.8.9, or remove the plugin.

    We are still investigating the issues and searching for similar ones. This sort of thing is not okay and we will prevent it when and where possible. We will take the necessary actions to secure users at all times.

    This is our directory. We want it to be safe and secure.

    sagenda

    (@sagenda)

    Hello @samuel and @jon,

    As plugin owner, I would be very interested to know how this can happened. Not to cast the first stone at you, but for this to not happen again. Neither to Custome Content Type, nor to another plugin.

    Thanks

    Moderator Samuel Wood (Otto)

    (@otto42)

    www.remarpro.com Admin

    To be honest, we don’t know. Either the plugin author sold the plugin, or his www.remarpro.com account was taken over by somebody guessing the password. Since we have had no response to our inquiries, we assume the plugin is currently abandoned.

    We’ve removed all commit access to the plugin from everybody. Nobody but the plugins team has access to change it now. I would recommend users take this opportunity to look for a new plugin to fill their needs.

    ok thanks for your feedback and good luck!

    I hadn’t realized that the plugin author hadn’t responded to the wordpress team.

    I have been in email contact a while back, and he said that the support demands had gotten too large. And he was offered some money to sell it, and he thought it was a legitimate sale, but then the guy reversed the charges, and hacked the plugin, so he is pretty sick of the whole thing.

    I offered to take over the plugin, since I will need to support the plugin for a number of installations myself anyway, but he said he was still thinking about what to do.

    I guess I just could just copy the code, and then re-release it. I’ll have to see if the plugin cleans up after itself if it gets uninstalled, and write a migration function if needed.

    Jondaley, if you do re-release the plugin, please post here so we can find it.

    will do.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Version 0.9.8.9 is safe’ is closed to new replies.